Publicité
Publicité
Format du document : text/plain
Prévisualisation
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by owner (administrator) on PC (07-11-2018 11:27:35)
Running from C:\Users\owner\Desktop
Loaded Profiles: owner (Available Profiles: owner)
Platform: Windows 10 Pro Version 1809 17763.104 (X64) Language: Japonais (Japon)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\InternetOff\IOffSvc.exe
(Crystal Rich Ltd) C:\Zentimo\ZentimoService.exe
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Prey, Inc.) C:\Windows\Prey\wpxsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
() C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe
(ArcticLine Software) C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
() C:\Windows\SysWOW64\NMSAccess64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\SMITSC.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Toshiba Client Solutions Co., Ltd.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\RMService.exe
(BiniSoft.org) C:\Program Files\Windows Firewall Control\wfcs.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Node.js) C:\Windows\Prey\versions\1.8.1\bin\node.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Moo0) C:\Program Files (x86)\Moo0\TransparentMenu 1.20\TransparentMenu.exe
(ALCPU) C:\Program Files\CoreTemp64\Core Temp.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel Pro\HDSentinel.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Open-Shell) C:\Program Files\Open-Shell\StartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Fork, Ltd.) C:\Windows\Prey\versions\1.8.1\node_modules\triggers\bin\lightevt.exe
(Moo0) C:\Program Files (x86)\Moo0\TransparentMenu 1.20\TransparentMenu64.exe
() C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe
(Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(BiniSoft.org) C:\Program Files\Windows Firewall Control\wfc.exe
() C:\Program Files (x86)\Stick it 1.00.0b\Stick-It!.exe
(SoftPerfect) C:\NetWorx\networx.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
() C:\Program Files (x86)\InternetOff\InternetOff.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(My Portable Software) C:\My CPU Monitor\My CPU Monitor.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
() C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe
() C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe
() C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe
(SFX TEAM) C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
(ITSamples.com) C:\Program Files (x86)\Disk activity indicator\DiskActivity.exe
() C:\Users\owner\AppData\Roaming\Textify\Textify.exe
(Simnet Ltd. ) C:\Program Files (x86)\Simple Sticky Notes\ssn.exe
(Crystal Rich Ltd) C:\Zentimo\Zentimo.exe
(Alexandr Irza) C:\Program Files (x86)\Volume2\Volume2.exe
(Digola) C:\Program Files (x86)\Door Control\doorcontrol.exe
(NirSoft) C:\Program Files\volumouse-x64\volumouse.exe
() C:\Program Files\volumouse-x64\volumouse32.exe
(Nenad Hrg SoftwareOK) C:\Program Files\DesktopOK\DesktopOK_x64.exe
(South Bay Software) C:\Program Files (x86)\AutoSizer\AutoSizer.exe
(Guillaume Ryder (hxxp://utilfr42.free.fr)) C:\Users\owner\AppData\Local\Clavier+\Clavier.exe
(RaMMicHaeL) C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(Actual Tools) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter.exe
(Actual Tools) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter64.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Henry++) C:\Program Files\Mem Reduct\memreduct.exe
(blackholeearth) C:\Program Files (x86)\Windows 10 Brightness Slider.exe
(Care Your Eyes) C:\CareUEyes\App\ProgramFiles\careueyes.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.0.7.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Carthago Software) C:\Program Files (x86)\MemInfo\meminfo.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
() C:\Program Files (x86)\Gest\Gest.exe
(www.sordum.org) C:\Program Files (x86)\KeyFreeze\KeyFreeze_x64.exe
() C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe
(Core Technologies Consulting, LLC) C:\Program Files (x86)\ServiceCommander\ServiceCommander.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\wizmouse 1.7.0.3 portable\WizMouse.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [413664 2017-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-02-03] (Intel Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot)
HKLM\...\Run: [TCrdMain] => C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe [530240 2016-07-11] (Toshiba Client Solutions Co., Ltd.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [187184 2016-07-18] (Toshiba Client Solutions Co., Ltd.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-10-23] (ESET)
HKLM\...\Run: [Windows Firewall Control] => C:\Program Files\Windows Firewall Control\wfc.exe [639192 2018-08-05] (BiniSoft.org)
HKLM\...\Run: [StartupDelayer] => C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [1254400 2015-12-18] (r2 Studios)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell)
HKLM\...\Run: [OODefragTray] => C:\Program Files\O&O Defrag Professional\App\Defrag64\oodtray.exe [5126944 2018-09-18] (O&O Software GmbH)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NetWorx] => C:\NetWorx\networx.exe [12803624 2018-10-08] (SoftPerfect)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2179720 2018-09-22] (Logitech, Inc.)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5854280 2018-10-30] (Paramount Software UK Ltd)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-09-20] (Adobe Systems Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2018-09-18] (VMware, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PowerDVD18Agent] => C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe [528840 2018-10-02] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [InternetOff] => C:\Program Files (x86)\InternetOff\InternetOff.exe [3182360 2016-05-25] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [My CPU Monitor] => C:\My CPU Monitor\My CPU Monitor.exe [280064 2015-10-20] (My Portable Software)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Winsplit] => C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe [3951616 2011-04-12] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [SuperCopier2.exe] => C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [CS Dispatch] => C:\Users\owner\AppData\Roaming\OTi\EASYKMLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\EASYKMLink.exe [576592 2012-10-30] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [DiskIndicator] => C:\Program Files (x86)\Disk activity indicator\DiskActivity.exe [131072 2014-12-19] (ITSamples.com)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Textify] => C:\Users\owner\AppData\Roaming\Textify\Textify.exe [263680 2017-10-05] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Simple Sticky Notes] => C:\Program Files (x86)\Simple Sticky Notes\ssn.exe [1432000 2018-06-19] (Simnet Ltd. )
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Zentimo xStorage Manager] => C:\Zentimo\Zentimo.exe [7040608 2018-09-09] (Crystal Rich Ltd)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Volume2] => C:\Program Files (x86)\Volume2\Volume2.exe [4797952 2018-06-23] (Alexandr Irza)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Doorcontrol] => C:\Program Files (x86)\Door Control\doorcontrol.exe [799744 2018-10-13] (Digola)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [$Volumouse$] => C:\Program Files\volumouse-x64\volumouse.exe [94816 2014-10-03] (NirSoft)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [DesktopOK] => C:\Program Files\DesktopOK\DesktopOK_x64.exe [716672 2018-11-06] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [AutoSizer] => C:\Program Files (x86)\AutoSizer\AutoSizer.exe [131072 2018-08-15] (South Bay Software)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Clavier+] => C:\Users\owner\AppData\Local\Clavier+\Clavier.exe [157184 2018-07-07] (Guillaume Ryder (hxxp://utilfr42.free.fr))
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [464896 2018-10-12] (RaMMicHaeL)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Actual Transparent Window] => C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter.exe [561408 2018-10-04] (Actual Tools)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Mem Reduct] => C:\Program Files\Mem Reduct\memreduct.exe [306176 2018-10-20] (Henry++)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [74752 2018-11-03] (Locktime Software)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Win10_BrightnessSlider] => C:\Program Files (x86)\Windows 10 Brightness Slider.exe [86016 2018-08-29] (blackholeearth)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [CareUEyes] => C:\CareUEyes\App\ProgramFiles\CareUEyes.exe [929792 2018-11-21] (Care Your Eyes)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [KeepMouseSpeedOK] => C:\Users\owner\Desktop\KeepMouseSpeedOK_Portable\KMS_OK_p.exe [56200 2018-11-06] (Nenad Hrg (SoftwareOK.com))
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [NoLogoff] 1
IFEO\taskmgr.exe: [Debugger] C:\Program Files\Task Manager\tm.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gest.lnk [2016-06-09]
ShortcutTarget: Gest.lnk -> C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk [2016-06-05]
ShortcutTarget: MemInfo.lnk -> C:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PopChar.lnk [2018-08-01]
ShortcutTarget: PopChar.lnk -> C:\Program Files\Ergonis\PopChar\PopChar.exe (Ergonis Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-06-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2018-10-03] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gest.lnk [2016-06-09]
ShortcutTarget: Gest.lnk -> C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KeyFreeze x64.lnk [2018-11-01]
ShortcutTarget: KeyFreeze x64.lnk -> C:\Program Files (x86)\KeyFreeze\KeyFreeze_x64.exe (www.sordum.org)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KillProcess.bat [2018-03-11] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk [2018-08-18]
ShortcutTarget: MemInfo.lnk -> C:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Service Commander - Start.bat [2017-02-24] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShellFolderFix.lnk [2016-06-09]
ShortcutTarget: ShellFolderFix.lnk -> C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WizMouse.exe.lnk [2016-10-05]
ShortcutTarget: WizMouse.exe.lnk -> C:\Program Files (x86)\wizmouse 1.7.0.3 portable\WizMouse.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0310dcae-38e3-48ac-9821-3e0a71b82103}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{0f6a2937-2f18-449f-87e6-89ef9e7e9581}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{1e20e5ee-2e6c-493e-a1a7-84acdaa40ea4}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{885b802c-3706-4e61-bf85-4a25733b28a1}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{90d6cc6d-d1ab-4f93-bfdf-407c164e1fb6}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{a7648d2a-bbaf-47eb-a034-1e84ec773a1c}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{af18129c-d4fb-4056-b8c0-227532b5b5b9}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{cbd81dbf-9dce-42fc-92d1-ae8370325fb3}: [NameServer] 80.67.169.12,80.67.169.40,192.168.1.1
Tcpip\..\Interfaces\{cbd81dbf-9dce-42fc-92d1-ae8370325fb3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ec54fa79-9ced-4441-aa34-ab2ddf87a0c7}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{ec54fa79-9ced-4441-aa34-ab2ddf87a0c7}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Program Files (x86)\OldNewExplorer\OldNewExplorer32.dll [2017-08-16] (www.startisback.com)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-06] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell)
Toolbar: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]
FireFox:
========
FF DefaultProfile: zszg12lr.default
FF ProfilePath: C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default [2018-11-07]
FF Homepage: Waterfox\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml
FF NewTab: Waterfox\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml
FF NewTabOverride: Waterfox\Profiles\zszg12lr.default -> Enabled: newtabtools@darktrojan.net
FF Extension: (Disconnect) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\2.0@disconnect.me.xpi [2017-04-04]
FF Extension: (popup video) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\@popup-video.xpi [2018-07-18] [Legacy]
FF Extension: (About config button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\aboutconfigbutton@firefox.xpi [2017-06-19] [Legacy]
FF Extension: (Make Address Bar Font Size Bigger) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\addressBarFontSizeBigger@papafresh.com.xpi [2017-11-26] [Legacy]
FF Extension: (Roomy Bookmarks Toolbar) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ALone-live@ya.ru.xpi [2017-11-04] [Legacy]
FF Extension: (Add-ons Manager Context Menu) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\amcontextmenu@loucypher.xpi [2017-12-30] [Legacy]
FF Extension: (Better Image Viewer) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\betterimageviewer@darktrojan.net.xpi [2018-05-04]
FF Extension: (Biscuit) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\biscuit@nuko.org.xpi [2017-02-16] [Legacy]
FF Extension: (CanvasBlocker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2018-10-15]
FF Extension: (Classic Theme Restorer) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-07-18] [Legacy]
FF Extension: (Suppression automatique des témoins) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2018-05-14]
FF Extension: (Don't track me Google) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\dont-track-me-google@robwu.nl.xpi [2018-01-18]
FF Extension: (Download Panel Tweaker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\downloadPanelTweaker@infocatcher.xpi [2017-12-10] [Legacy]
FF Extension: (Drag To Scroll) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\dragtoscroll@deag1bcc-abec-daec-cdae-aeadedcabebacdad.xpi [2018-05-19]
FF Extension: (Easy Screenshot) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\easyscreenshot@mozillaonline.com.xpi [2018-02-15] [Legacy]
FF Extension: (Enhancer for YouTube™) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2018-11-03]
FF Extension: (Foxtana Pro - Redirect Cortana and Bing) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\extension@foxtana.com.xpi [2018-09-03]
FF Extension: (Tampermonkey) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\firefox@tampermonkey.net.xpi [2018-09-14]
FF Extension: (FireGestures) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\firegestures@xuldev.org.xpi [2017-06-11] [Legacy]
FF Extension: (Dictionnaire français) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2018-09-03] [Legacy]
FF Extension: (Emoji copier et coller) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\helper@emoji.org.xpi [2018-09-03]
FF Extension: (Hide Caption Titlebar Plus ⁴) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org.xpi [2018-09-07] [Legacy]
FF Extension: (HTTPS partout) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\https-everywhere@eff.org.xpi [2018-11-03]
FF Extension: (Switchy) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\id@baku.switchy.xpi [2016-06-28] [Legacy]
FF Extension: (InstaClick) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\instaclick@leahscape.com.xpi [2017-11-12] [Legacy]
FF Extension: (Facebook™ Seen Blocker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-AcfdPqSA2Ugt2vdJh6Kj7IiOp5W@jetpack.xpi [2017-06-26]
FF Extension: (Auto Shutdown NG) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2017-06-26] [Legacy]
FF Extension: (What about:..) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-IPSuVKD0J7yL1cIBwQAdoHTCWmY@jetpack.xpi [2017-06-19] [Legacy]
FF Extension: (fontdpi) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-4ZzxC2kiN3rzJA@jetpack.xpi [2016-06-29] [Legacy]
FF Extension: (FoxyAbout) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-d3SwJwS6q9JpMq@jetpack.xpi [2018-01-31] [Legacy]
FF Extension: (PDF Mage) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2018-10-26]
FF Extension: (Swift Selection Search) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-KdTtiCj6wxVAFA@jetpack.xpi [2018-09-24]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\marcoagpinto@mail.telepac.pt [2018-10-26] [Legacy]
FF Extension: (Maximize Video) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\MaximizeVideo@ettoolong.xpi [2018-08-04]
FF Extension: (New Tab Tools) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\newtabtools@darktrojan.net.xpi [2018-05-04]
FF Extension: (Open Page in Private Window) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\open-page-in-private-window@cpeterso.com.xpi [2018-09-03]
FF Extension: (Playback speed) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\playbackSpeed@waldemar.b.xpi [2018-05-06]
FF Extension: (Private Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\privateTab@infocatcher.xpi [2018-05-17] [Legacy]
FF Extension: (Rename Tab Title) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\renametabtitle@mozilla.org.xpi [2018-07-17]
FF Extension: (Rikaichan Japanese-French Dictionary File) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\rikaichan-jpfr@polarcloud.com [2018-09-03] [Legacy]
FF Extension: (Semi-Full Screen) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\SemiFullScreen@Merci.chao.xpi [2017-11-23] [Legacy]
FF Extension: (Skip Redirect) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\skipredirect@sblask.xpi [2018-05-02]
FF Extension: (SSleuth) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ssleuth@github.xpi [2017-02-16] [Legacy]
FF Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\uBlock0@raymondhill.net.xpi [2018-10-19]
FF Extension: (Undo Closed Tabs Button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2017-02-26] [Legacy]
FF Extension: (Zoom Page) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\zoompage@DW-dev.xpi [2017-11-12] [Legacy]
FF Extension: (Disconnect for Facebook™) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{02bf35c3-6f86-4eb4-bea8-e70bc294a7dc}.xpi [2017-11-11]
FF Extension: (Rikaichan) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}.xpi [2018-03-08] [Legacy]
FF Extension: (Tab Center Redux) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{0ad88674-2b41-4cfb-99e3-e206c74a0076}.xpi [2018-09-27]
FF Extension: (Flagfox) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2018-08-06] [Legacy] [not signed]
FF Extension: (Export Tabs URLs) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{17165bd9-9b71-4323-99a5-3d4ce49f3d75}.xpi [2018-07-13]
FF Extension: (Undo Close Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{4853d046-c5a3-436b-bc36-220fd935ee1d}.xpi [2018-06-10]
FF Extension: (StartupMaster) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{506d044e-41fa-4cc8-9dc6-9ff70e96eebf}.xpi [2018-03-19] [Legacy]
FF Extension: (SmoothWheel (mozdev.org)) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2016-06-28] [Legacy]
FF Extension: (Onglet revers pour Tree Style Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{724545b6-7e17-4fa2-96e0-71eddf3c3319}.xpi [2018-02-18]
FF Extension: (User-Agent Switcher) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2018-05-29]
FF Extension: (Stylus) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2018-11-04]
FF Extension: (Youtube Zen) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{7f5dbd00-a296-4696-aebb-06a992c1b4cf}.xpi [2018-09-29]
FF Extension: (Download Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6}.xpi [2017-12-10] [Legacy]
FF Extension: (Permanent Progress Bar for YouTube) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{af838dcd-be8a-4237-8835-69fca92171d3}.xpi [2018-10-30]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2018-11-04]
FF Extension: (Change Referer Button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}.xpi [2017-11-12] [Legacy]
FF Extension: (BetterPrivacy) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-10-31] [Legacy]
FF Extension: (Tab Mix Plus) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2018-09-03] [Legacy]
FF Extension: (SaveTabs) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{f587d35c-943b-4323-8aee-cd8691df4db0}.xpi [2017-12-10]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\instaclick@leahscape.com.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\addressBarFontSizeBigger@papafresh.com.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{477c4c36-24eb-11da-94d4-00e08161165f}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\biscuit@nuko.org.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\undoclosedtabsbutton@supernova00.biz.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\ALone-live@ya.ru.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\addonsRecentUpdates@infocatcher.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\firegestures@xuldev.org.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\aboutconfigbutton@firefox.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\zoompage@DW-dev.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-19]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-08-25] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-08-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems)
StartMenuInternet: Firefox-6F940AC27A98DD61 - C:\Program Files\Waterfox\waterfox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-10-04]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [115752 2017-05-22] (Alps Electric Co., Ltd.)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-09-15] (Microsoft Corporation)
R2 BWMeterConSvc; C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe [125440 2018-10-06] () [File not signed]
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9761440 2018-11-01] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
R2 CronService; C:\Windows\Prey\wpxsvc.exe [6886472 2018-07-27] (Prey, Inc.)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-10-18] (Intel)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-23] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-23] (ESET)
R2 FileMarkerApplyIconService; C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe [717576 2013-11-01] (ArcticLine Software)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-08-02] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-02-03] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [532968 2018-07-10] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2018-04-17] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [743728 2017-11-07] (Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [506368 2017-08-21] (Intel Corporation) [File not signed]
R2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [720184 2017-11-07] (Intel(R) Corporation)
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5659976 2018-10-30] (Paramount Software UK Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] ()
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [310272 2018-11-03] (Locktime Software)
R2 NMSAccess64; C:\WINDOWS\SysWOW64\NMSAccess64.exe [82872 2009-01-12] ()
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [437200 2018-10-16] ()
S4 OEMRegistrationProgram; C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe [16384 2012-12-17] (Toshiba Corporation) [File not signed]
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381624 2018-09-15] (Microsoft Corporation)
R2 SMITS; C:\Windows\SysWOW64\SMITSC.exe [13312 2014-02-27] () [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S4 TPCHKarteSVC; C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [244144 2013-01-22] (Toshiba Corporation)
S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\ToshibaSystemService.exe [22114272 2018-05-29] (Toshiba Client Solutions Co., Ltd.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\TOSTABSYSSVC.exe [272872 2018-05-29] (Toshiba Client Solutions Co., Ltd.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\RMService.exe [443840 2018-05-29] (Toshiba Client Solutions Co., Ltd.)
R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [518120 2017-12-11] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [518120 2017-12-11] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [518120 2017-12-11] (VMware, Inc.)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15445936 2018-09-18] ()
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [437760 2018-09-15] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
R2 wfcs; C:\Program Files\Windows Firewall Control\wfcs.exe [121632 2018-08-05] (BiniSoft.org)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-09-05] (Intel(R) Corporation)
R2 ZentimoService; C:\Zentimo\ZentimoService.exe [1789024 2018-09-08] (Crystal Rich Ltd)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALSysIO; C:\Users\owner\AppData\Local\Temp\ALSysIO64.sys [46384 2018-11-07] (Arthur Liberman) <==== ATTENTION
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] ()
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] ()
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2017-02-28] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] ()
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr-x64.sys [84736 2017-12-11] (VMware, Inc.)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R2 CLFCL5.18; C:\WINDOWS\system32\DRIVERS\CLFCL5.18\000.fcl [46848 2018-10-02] (CyberLink Corp.)
S3 CompFilter64; C:\WINDOWS\System32\drivers\lvbflt64.sys [26784 2012-10-26] (Logicool Co., Ltd.)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-23] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-23] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-23] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-23] (ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34368 2018-01-16] ()
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30280 2018-07-19] (Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-24] (REALiX(tm))
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136720 2018-05-15] (Intel Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-15] (IObit)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-08] (Intel Corporation)
S3 IUProcessFilter; C:\IObit Uninstaller\App\ProgramFiles\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-10-16] (IObit)
S3 IURegistryFilter; C:\IObit Uninstaller\App\ProgramFiles\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-10-16] (IObit)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
S3 lvrs64; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [351520 2012-10-26] (Logicool Co., Ltd.)
S3 LVUVC64; C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [4758176 2012-10-26] (Logicool Co., Ltd.)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
R0 mrcbt; C:\WINDOWS\System32\drivers\mrcbt.sys [73392 2018-11-03] (Windows (R) Win 7 DDK provider)
R0 mrigflt; C:\WINDOWS\System32\drivers\mrigflt.sys [61808 2018-11-03] (Windows (R) Win 7 DDK provider)
S3 MYFAULT; C:\WINDOWS\system32\drivers\myfault.sys [25392 2018-11-04] (Sysinternals)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3586696 2018-09-26] (Intel Corporation)
R1 networx; C:\WINDOWS\System32\drivers\networx.sys [114144 2018-09-23] (Windows (R) Win 7 DDK provider)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [175048 2018-10-29] (Locktime Software)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81688 2018-03-03] (Insecure.Com LLC.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [928496 2018-10-16] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-07-18] ()
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [189584 2018-10-14] (Ray Hinchliffe)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [54664 2018-11-01] ()
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-06-13] (The OpenVPN Project)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [46456 2018-05-14] (Toshiba Client Solutions Co., Ltd.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\TosSrvCtlDrv.sys [26504 2018-05-29] (Toshiba Client Solutions Co., Ltd. )
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [108896 2017-09-12] (Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44904 2017-09-12] (Paragon Software GmbH)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [37920 2018-10-03] (Microsoft Corporation)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-21] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-27] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)
R2 WiseFs; C:\WINDOWS\WiseFs64.sys [66128 2017-12-20] (WiseCleaner.com)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2018-09-08] (wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [51272 2018-09-30] (WiseCleaner.com)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-07 11:27 - 2018-11-07 11:28 - 000055208 _____ C:\Users\owner\Desktop\FRST.txt
2018-11-07 11:26 - 2018-10-26 12:15 - 002414592 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2018-11-07 08:43 - 2018-11-07 08:43 - 000000000 ____D C:\Users\owner\Desktop\PreSonus.Studio.One.4.Professional.v4.1.1.Incl.Patched.and.Keygen-R2R
2018-11-07 08:40 - 2018-11-07 08:40 - 000000000 ____D C:\Users\owner\Desktop\sumo
2018-11-07 08:40 - 2018-11-07 08:40 - 000000000 ____D C:\Users\owner\Desktop\Mirillis.Action-rsload.net-
2018-11-07 08:39 - 2018-11-07 08:39 - 000005035 _____ C:\ProgramData\yubhinti.sju
2018-11-07 08:39 - 2018-11-07 08:39 - 000000000 ____D C:\Users\owner\AppData\Local\Movavi
2018-11-07 08:39 - 2018-11-07 08:39 - 000000000 ____D C:\Users\owner\AppData\Local\converter
2018-11-07 08:38 - 2018-11-07 08:40 - 000000000 ____D C:\Users\owner\Desktop\Movavi Video Converter 19.0.0 RePack (& Portable) by TryRooM
2018-11-07 08:38 - 2018-11-07 08:39 - 000000000 ____D C:\Users\owner\Desktop\MovaviVCPremiumPortable
2018-11-06 16:08 - 2018-11-06 16:08 - 000000000 ____D C:\Users\owner\Desktop\Mylène Farmer - Désobéissance
2018-11-06 14:17 - 2018-11-06 14:17 - 000000000 ____D C:\Users\owner\AppData\Local\Xavier_Foucrier
2018-11-06 13:35 - 2018-11-06 13:37 - 000000000 ____D C:\Users\owner\Desktop\KeepMouseSpeedOK_Portable
2018-11-06 09:14 - 2018-11-06 09:14 - 000327755 _____ C:\Users\owner\Desktop\Bon-de-Commande12.pdf
2018-11-06 08:19 - 2018-11-06 08:19 - 000000000 ____D C:\Users\owner\AppData\Roaming\Burnaware
2018-11-05 22:57 - 2018-11-06 07:57 - 000000000 ____D C:\Users\owner\AppData\Roaming\careueyes
2018-11-05 21:22 - 2018-11-05 21:22 - 000002898 _____ C:\WINDOWS\System32\Tasks\Core Temp Autostart owner
2018-11-05 13:50 - 2018-11-05 13:50 - 000000000 ____D C:\Program Files\Tablacus Explorer
2018-11-05 11:29 - 2018-11-05 13:39 - 000000000 ____D C:\Users\owner\Desktop\trayit_4_6_5_5
2018-11-05 08:20 - 2018-11-05 08:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF
2018-11-05 08:17 - 2018-11-05 08:17 - 000000000 ____D C:\Program Files\Locktime Software
2018-11-04 22:16 - 2018-11-04 22:16 - 000000000 ____D C:\Users\owner\AppData\Local\AutoIt v3
2018-11-04 22:15 - 2018-11-05 17:23 - 000000428 _____ C:\Users\owner\SciTE.session
2018-11-04 22:12 - 2018-11-04 22:12 - 000000000 ____D C:\Program Files (x86)\AutoIt3
2018-11-04 09:16 - 2018-11-04 09:16 - 000025392 _____ (Sysinternals) C:\WINDOWS\system32\Drivers\myfault.sys
2018-11-03 19:08 - 2018-11-05 16:59 - 000000000 ____D C:\Program Files (x86)\turned on times view
2018-11-03 17:23 - 2018-11-03 17:23 - 000000000 ____D C:\Program Files (x86)\Nirsoft tools
2018-11-03 17:16 - 2018-11-03 17:17 - 106469864 _____ C:\Users\owner\Desktop\Telecable.03.11.pdf
2018-11-03 13:57 - 2018-11-03 13:57 - 000000000 ____D C:\Program Files (x86)\Screen To Gif
2018-11-03 13:21 - 2018-11-03 13:21 - 000000000 ____D C:\Program Files\DVDFab
2018-11-03 12:48 - 2018-11-03 12:48 - 000000000 ____D C:\Users\owner\AppData\Roaming\26188
2018-11-03 12:13 - 2018-11-03 12:13 - 000000000 ____D C:\Program Files (x86)\Windows Repair Toolbox
2018-11-03 12:09 - 2018-09-16 05:46 - 000533878 _____ C:\Users\owner\Desktop\Vanilla Tokyo Taipei.pdf
2018-11-03 12:09 - 2018-08-06 02:23 - 121526403 _____ C:\Users\owner\Desktop\Velo.Magazine.565.pdf
2018-11-03 12:09 - 2018-07-07 00:25 - 119987918 _____ C:\Users\owner\Desktop\Velo564.pdf
2018-11-03 12:09 - 2018-04-05 22:02 - 031847248 _____ (Entropy6) C:\Users\owner\Desktop\XMetersSetup.exe
2018-11-03 12:08 - 2018-10-12 08:40 - 000002058 _____ C:\Users\owner\Desktop\pains bakery.txt
2018-11-03 12:08 - 2018-09-10 08:18 - 000242048 _____ (Nenad Hrg (SoftwareOK)) C:\Users\owner\Desktop\NewFileTime_x64.exe
2018-11-03 12:08 - 2017-12-08 10:17 - 000034000 _____ C:\Users\owner\Desktop\RunAsDate.exe
2018-11-03 12:07 - 2018-08-05 09:09 - 107242343 _____ C:\Users\owner\Desktop\Le.Cycle.498.pdf
2018-11-03 12:07 - 2018-06-27 09:32 - 117103827 _____ C:\Users\owner\Desktop\Le.Cycle.497.pdf
2018-11-03 12:06 - 2018-09-24 06:15 - 000000243 _____ C:\Users\owner\Desktop\docteur taipei.txt
2018-11-03 12:06 - 2018-09-14 13:02 - 000000098 _____ C:\Users\owner\Desktop\confirmation vol bidon.txt
2018-11-03 12:06 - 2017-12-17 19:00 - 140827315 _____ C:\Users\owner\Desktop\CycLe.Hs.15.pdf
2018-11-03 12:04 - 2018-08-15 02:45 - 106106439 _____ C:\Users\owner\Desktop\Chas-Img-381.pdf
2018-11-03 12:04 - 2018-02-13 21:23 - 107216317 _____ C:\Users\owner\Desktop\Capital.Dossier.Special.1.pdf
2018-11-03 11:53 - 2018-11-03 12:09 - 000000000 ____D C:\Users\owner\Desktop\whoisconnectedsniffer-x64
2018-11-03 11:53 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\rsload.net.KeyScrambler
2018-11-03 11:53 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\madVR
2018-11-03 11:53 - 2018-11-03 12:07 - 000000000 ____D C:\Users\owner\Desktop\LAVFilters-0.73.1-x64
2018-11-03 11:53 - 2018-11-03 12:06 - 000000000 ____D C:\Users\owner\Desktop\exeinfope
2018-11-03 11:53 - 2018-11-03 12:03 - 000000000 ____D C:\Users\owner\Desktop\貓空
2018-11-03 11:52 - 2018-11-04 10:22 - 000000000 ____D C:\Users\owner\Desktop\A ramener de France
2018-11-03 11:52 - 2018-11-03 17:16 - 000000000 ____D C:\Users\owner\Desktop\Jam
2018-11-03 11:52 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\Taobao
2018-11-03 11:52 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\PDF
2018-11-03 11:52 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\Lili
2018-11-03 11:52 - 2018-11-03 12:06 - 000000000 ____D C:\Users\owner\Desktop\Eric guibon
2018-11-03 11:52 - 2018-11-03 12:03 - 000000000 ____D C:\Users\owner\Desktop\22
2018-11-03 11:51 - 2018-11-03 12:04 - 000000000 ____D C:\Users\owner\Desktop\A classer
2018-11-03 11:50 - 2018-11-06 13:32 - 000000000 ____D C:\Users\owner\Desktop\Import
2018-11-03 11:50 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\Snoopy
2018-11-03 11:50 - 2018-11-03 12:06 - 000000000 ____D C:\Users\owner\Desktop\chinois
2018-11-03 11:50 - 2018-11-03 12:03 - 000000000 ____D C:\Users\owner\Desktop\22 yi
2018-11-03 11:25 - 2018-11-03 11:25 - 005539424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-03 08:13 - 2018-11-03 08:13 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-11-01 17:00 - 2018-11-01 17:00 - 000054664 _____ C:\WINDOWS\system32\Drivers\stdriverx64.sys
2018-11-01 16:57 - 2018-11-01 16:57 - 000000000 ____D C:\Users\owner\AppData\Roaming\Recordpad
2018-11-01 15:59 - 2018-11-01 16:00 - 000000000 ____D C:\Program Files (x86)\NordVPN
2018-11-01 14:54 - 2018-11-01 14:54 - 000000000 ____D C:\Users\owner\AppData\Local\Deployment
2018-11-01 14:53 - 2018-11-01 14:53 - 000000000 ____D C:\Program Files\Logitech
2018-11-01 12:10 - 2018-11-01 12:16 - 000000000 ____D C:\Users\owner\AppData\Roaming\PayWin
2018-11-01 12:06 - 2018-11-01 12:06 - 000000000 ____D C:\Program Files (x86)\Western Digital Corporation
2018-11-01 09:19 - 2018-11-01 09:19 - 000000000 ____D C:\Program Files (x86)\DnsJumper
2018-10-31 22:07 - 2018-11-03 11:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\UAC pass
2018-10-31 20:25 - 2018-10-31 20:25 - 000000000 ____D C:\Users\owner\AppData\Roaming\Locktime
2018-10-31 20:25 - 2018-10-31 20:25 - 000000000 ____D C:\ProgramData\Locktime
2018-10-31 19:40 - 2018-11-01 13:58 - 000000000 ____D C:\Program Files (x86)\KeyFreeze
2018-10-31 18:00 - 2018-10-31 18:00 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-10-31 17:59 - 2018-10-17 21:07 - 003128672 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 001382104 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 001337504 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000873328 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000852000 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000604664 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000540984 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000447048 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000230568 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000218136 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000174808 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000158560 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000075408 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 003417880 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 003319480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 002992288 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001971448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001788032 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001598472 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001516344 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001353384 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000964888 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000751376 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000734872 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000715728 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000692224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000511744 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000453336 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000452816 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000448680 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000392936 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000343768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000333112 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000327328 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000327328 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000278344 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000261312 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000261272 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000260288 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000231784 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000220448 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000193040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000157408 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000139816 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000116600 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000093968 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000090976 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000090232 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000088376 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000083688 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2018-10-31 17:59 - 2018-10-17 18:06 - 003677232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-10-31 17:59 - 2018-10-17 18:06 - 003159488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-10-31 17:59 - 2018-10-17 18:06 - 000266624 _____ (TODO:) C:\WINDOWS\system32\slprp64.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 072520792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-10-31 17:59 - 2018-10-17 18:05 - 007178544 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 007101816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 002930224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 000122400 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 000118664 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 000105384 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-10-31 17:59 - 2018-10-17 17:41 - 023174577 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-10-31 17:59 - 2018-10-16 03:46 - 009899936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2018-10-31 17:47 - 2018-10-31 17:47 - 000000000 ____D C:\Users\owner\AppData\Roaming\Mirillis
2018-10-31 17:47 - 2018-10-31 17:47 - 000000000 ____D C:\Users\owner\AppData\Local\Mirillis
2018-10-31 17:47 - 2018-10-31 17:47 - 000000000 ____D C:\ProgramData\Mirillis
2018-10-31 17:44 - 2018-10-31 17:44 - 000000000 ____D C:\Program Files (x86)\Mirillis
2018-10-31 17:38 - 2018-10-10 20:23 - 002164080 _____ C:\WINDOWS\ampa.exe
2018-10-31 17:38 - 2017-02-28 23:20 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys
2018-10-31 17:38 - 2017-02-28 23:20 - 000038320 _____ C:\WINDOWS\system32\ampa.sys
2018-10-31 17:37 - 2018-10-31 17:39 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Unlimited Edition 7.5
2018-10-31 12:26 - 2018-11-03 11:20 - 000061808 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrigflt.sys
2018-10-31 12:26 - 2018-10-31 12:26 - 000062008 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrigflt.sys_
2018-10-31 11:48 - 2018-10-31 11:48 - 000000000 ____D C:\Users\owner\AppData\Roaming\Lanmisoft
2018-10-31 11:48 - 2018-10-31 11:48 - 000000000 ____D C:\ProgramData\Lanmisoft
2018-10-31 11:42 - 2018-10-31 11:42 - 000000000 ____D C:\Users\owner\AppData\Local\VS Revo Group
2018-10-31 10:49 - 2018-10-31 10:54 - 000000000 ____D C:\Program Files\DXO
2018-10-31 10:25 - 2018-10-31 10:25 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2018-10-31 09:20 - 2018-10-31 09:20 - 000000000 ____D C:\XYplorer
2018-10-31 09:12 - 2018-10-31 09:12 - 000000000 ____D C:\Users\owner\Documents\DxO PhotoLab 2 logs
2018-10-31 09:05 - 2018-10-31 10:27 - 000000000 ____D C:\Program Files (x86)\UAC pass
2018-10-30 22:37 - 2018-10-30 22:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-10-29 13:50 - 2018-10-29 13:50 - 000175048 _____ (Locktime Software) C:\WINDOWS\system32\Drivers\nldrv.sys
2018-10-26 12:37 - 2018-10-26 12:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-10-26 12:30 - 2018-10-26 12:30 - 000000000 ____D C:\Users\owner\AppData\Roaming\Henry++
2018-10-26 12:29 - 2018-10-26 12:29 - 000000000 ____D C:\Program Files\Mem Reduct
2018-10-26 06:08 - 2018-10-26 06:08 - 000001057 _____ C:\Users\owner\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2018-10-26 06:08 - 2018-10-26 06:08 - 000000171 _____ C:\Users\owner\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2018-10-23 08:52 - 2018-10-23 08:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\Actual Tools
2018-10-23 08:52 - 2018-10-23 08:52 - 000000000 ____D C:\ProgramData\Actual Tools
2018-10-23 08:51 - 2018-10-23 08:52 - 000000000 ____D C:\Program Files (x86)\Actual Transparent Window
2018-10-23 08:27 - 2018-10-23 08:27 - 000000000 ____D C:\Program Files (x86)\Tor Browser
2018-10-23 08:05 - 2018-10-23 08:05 - 000000000 ____D C:\Users\owner\AppData\Local\SolidDocuments
2018-10-22 04:54 - 2018-10-22 04:54 - 000000000 ____D C:\Users\owner\AppData\Local\Edraw
2018-10-22 04:52 - 2018-10-22 04:54 - 000000000 ____D C:\Program Files (x86)\Edraw Max 9.3
2018-10-22 02:53 - 2018-11-07 11:25 - 000476514 _____ C:\WINDOWS\system32\prfh0404.dat
2018-10-22 02:53 - 2018-11-07 11:25 - 000154856 _____ C:\WINDOWS\system32\prfc0404.dat
2018-10-22 02:53 - 2018-10-22 02:53 - 000000000 ____D C:\WINDOWS\SysWOW64\zh-HANT
2018-10-22 02:53 - 2018-10-22 02:52 - 000119764 _____ C:\WINDOWS\system32\prfi0404.dat
2018-10-22 02:53 - 2018-10-22 02:52 - 000033402 _____ C:\WINDOWS\system32\prfd0404.dat
2018-10-22 02:52 - 2018-10-22 02:52 - 000000000 ____D C:\WINDOWS\system32\zh-HANT
2018-10-22 02:45 - 2018-09-14 11:11 - 002350080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0404.dll
2018-10-22 02:45 - 2018-09-14 11:05 - 009720320 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0404.dll
2018-10-22 02:45 - 2018-09-14 11:05 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0404.dll
2018-10-22 02:45 - 2018-09-14 11:00 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70404.dll
2018-10-22 02:45 - 2018-09-14 10:52 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0404.dll
2018-10-22 02:45 - 2018-09-14 10:42 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70404.dll
2018-10-22 02:45 - 2018-08-08 13:55 - 000001696 _____ C:\WINDOWS\system32\NOISE.CHT
2018-10-21 14:05 - 2018-11-05 17:36 - 000000000 ____D C:\Program Files (x86)\CrystalDiskMark
2018-10-21 14:05 - 2018-11-05 17:36 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2018-10-20 05:30 - 2018-10-20 05:30 - 000001024 ____H C:\SYSTAG.BIN
2018-10-20 01:09 - 2018-10-20 01:09 - 000000000 ____D C:\Program Files (x86)\Fonty
2018-10-20 00:55 - 2018-11-03 15:11 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-10-20 00:47 - 2018-10-20 00:47 - 000000000 ____D C:\Users\owner\AppData\Roaming\FontCreator
2018-10-18 03:54 - 2018-10-18 03:54 - 000000000 ____D C:\Program Files\YamicSoft
2018-10-18 03:35 - 2018-04-07 19:39 - 000045544 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\Drivers\TVALZ.SYS
2018-10-18 03:34 - 2018-10-17 21:06 - 003762152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-10-18 03:34 - 2018-10-17 21:06 - 000994552 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-10-18 03:33 - 2018-05-15 20:28 - 000401608 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 009696288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 007861248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 006545296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 006062592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 004588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 004245072 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 003730336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 002323888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001641592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001391080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001050632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000818640 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000604448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000582232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000402376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000298512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000262664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000175120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000157216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2018-10-17 07:26 - 2018-10-17 07:26 - 000000000 ____D C:\Users\owner\AppData\Roaming\DesktopDPO
2018-10-17 06:38 - 2018-10-17 06:38 - 000000000 ____D C:\ProgramData\Isolated Storage
2018-10-17 05:11 - 2018-10-17 05:11 - 000000000 ___SD C:\Users\owner\Documents\Mes sources de données
2018-10-16 03:38 - 2018-10-16 03:38 - 000000000 ____D C:\Users\owner\AppData\Roaming\ueli
2018-10-16 03:35 - 2018-10-16 03:35 - 000000000 ____D C:\Program Files\Notepad++
2018-10-14 02:35 - 2018-10-14 02:35 - 000000000 ____D C:\Program Files\Dr. Folder
2018-10-12 14:51 - 2018-10-12 14:51 - 000000000 ____D C:\Program Files\Wireshark
2018-10-12 05:15 - 2018-10-12 05:15 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2018-10-12 05:14 - 2018-10-14 04:10 - 000000000 ___RD C:\ProgramData\Arturia
2018-10-12 05:14 - 2018-10-14 04:10 - 000000000 ___RD C:\Program Files (x86)\Arturia
2018-10-12 05:14 - 2018-10-12 05:14 - 000000000 ____D C:\Program Files\Common Files\VST3
2018-10-11 03:53 - 2018-10-11 03:54 - 000000000 ____D C:\NetWorx
2018-10-11 03:53 - 2018-10-11 03:53 - 000000000 ____D C:\ProgramData\SoftPerfect
2018-10-11 03:53 - 2018-09-23 15:15 - 000114144 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\networx.sys
2018-10-11 03:27 - 2018-10-05 13:32 - 000000000 ____D C:\Program Files (x86)\BLACK WHITE projects 6
2018-10-10 16:59 - 2018-11-06 19:21 - 000003494 _____ C:\WINDOWS\System32\Tasks\WDU
2018-10-10 16:59 - 2018-11-06 19:21 - 000003268 _____ C:\WINDOWS\System32\Tasks\Wub_task
2018-10-10 01:13 - 2018-10-10 01:13 - 026805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 020809216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 003600896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003380736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003378176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002045952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 001106744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wnv.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-09 04:06 - 2018-11-07 11:27 - 000000000 ____D C:\FRST
2018-10-09 02:59 - 2018-10-09 02:59 - 000000000 ____D C:\ProgramData\PDVD
2018-10-09 02:59 - 2018-10-09 02:59 - 000000000 ____D C:\ProgramData\install_backup
2018-10-09 02:59 - 2018-10-09 02:59 - 000000000 ____D C:\Program Files (x86)\CyberLink
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-07 11:25 - 2018-10-03 04:59 - 003876046 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-07 11:25 - 2018-09-15 17:54 - 000513410 _____ C:\WINDOWS\system32\perfh011.dat
2018-11-07 11:25 - 2018-09-15 17:54 - 000154512 _____ C:\WINDOWS\system32\perfc011.dat
2018-11-07 11:25 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-11-07 11:25 - 2018-04-30 19:31 - 001301562 _____ C:\WINDOWS\system32\perfh00C.dat
2018-11-07 11:25 - 2018-04-30 19:31 - 000292168 _____ C:\WINDOWS\system32\perfc00C.dat
2018-11-07 11:22 - 2018-08-11 01:15 - 000000000 ____D C:\Users\owner\AppData\Local\OpenShell
2018-11-07 11:20 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-07 11:20 - 2017-06-22 20:28 - 000000000 ____D C:\Users\owner\AppData\Roaming\Zentimo
2018-11-07 11:20 - 2016-06-06 20:22 - 000000000 ____D C:\My CPU Monitor
2018-11-07 11:19 - 2018-10-03 04:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-07 11:19 - 2018-07-27 03:11 - 000000000 ____D C:\WINDOWS\Prey
2018-11-07 11:19 - 2017-07-28 15:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-07 11:19 - 2016-03-10 09:25 - 000000000 __SHD C:\Users\owner\IntelGraphicsProfiles
2018-11-07 10:59 - 2016-06-13 12:22 - 000000000 ____D C:\Users\owner\AppData\Roaming\The Bat!
2018-11-07 10:58 - 2018-10-03 04:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\Open Hardware Monitor
2018-11-07 09:52 - 2018-10-03 04:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-07 08:29 - 2018-08-12 04:45 - 000001024 ____H C:\AMTAG.BIN
2018-11-06 23:00 - 2016-06-05 00:17 - 000000000 ____D C:\Users\owner\AppData\Roaming\vlc
2018-11-06 22:25 - 2016-06-08 19:20 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardware
2018-11-06 22:20 - 2018-03-19 20:43 - 000000000 ____D C:\Users\owner\AppData\Roaming\foobar2000
2018-11-06 21:06 - 2017-05-09 21:49 - 000000000 ____D C:\Program Files (x86)\Destroy Windows 10 Spying
2018-11-06 19:37 - 2018-08-18 03:18 - 000000000 ____D C:\Windows Update Minitools avec script Wrapper
2018-11-06 18:07 - 2018-08-15 03:58 - 000000000 ____D C:\Users\owner\AppData\Roaming\AutoSizer
2018-11-06 18:00 - 2018-09-15 07:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-11-06 17:42 - 2017-04-16 15:29 - 000000000 ____D C:\Users\owner\AppData\Roaming\chessx
2018-11-06 16:14 - 2018-04-11 16:24 - 000000000 ____D C:\Program Files (x86)\Right Click Enhancer
2018-11-06 14:08 - 2018-04-30 19:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\VMware
2018-11-06 14:08 - 2016-06-12 17:01 - 000000000 ____D C:\Users\owner\AppData\Local\VMware
2018-11-06 14:04 - 2016-06-12 16:56 - 000000000 ____D C:\ProgramData\VMware
2018-11-06 13:42 - 2016-06-12 09:51 - 000000000 ___RD C:\Users\owner\Creative Cloud Files
2018-11-06 13:42 - 2016-06-12 09:37 - 000000000 ____D C:\Users\owner\AppData\Local\Adobe
2018-11-06 13:36 - 2018-03-04 14:49 - 000000000 ____D C:\Program Files\usbdeview x64
2018-11-06 13:09 - 2017-04-17 18:47 - 000000000 ____D C:\Users\owner\AppData\Local\CrashDumps
2018-11-06 10:59 - 2018-05-01 15:07 - 000000000 ____D C:\Program Files\DesktopOK
2018-11-06 09:38 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-06 09:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-06 09:30 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-06 09:29 - 2016-06-12 12:17 - 000000000 ____D C:\Program Files\Microsoft Office
2018-11-05 22:53 - 2018-05-02 17:19 - 000000000 ____D C:\Program Files\Everything x64
2018-11-05 21:54 - 2016-06-08 19:24 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Musique
2018-11-05 21:22 - 2018-07-12 06:15 - 000000000 ____D C:\Program Files\CoreTemp64
2018-11-05 20:04 - 2017-03-25 22:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\audacity
2018-11-05 19:47 - 2018-03-19 20:43 - 000000000 ____D C:\Program Files (x86)\foobar2000
2018-11-05 13:28 - 2016-06-08 16:55 - 000000000 ____D C:\Icônes
2018-11-05 08:29 - 2018-10-04 06:33 - 000000000 ____D C:\Program Files\EqualizerAPO
2018-11-05 08:21 - 2016-06-08 19:20 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système
2018-11-05 08:17 - 2017-05-26 11:55 - 000000000 ____D C:\Users\owner\AppData\Roaming\Locktime Software
2018-11-05 08:12 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-04 22:52 - 2018-03-17 12:22 - 000000000 ____D C:\Users\owner\AppData\Local\birdfont
2018-11-04 22:15 - 2018-10-03 04:21 - 000000000 ____D C:\Users\owner
2018-11-04 22:12 - 2016-02-13 14:00 - 000000000 ____D C:\WINDOWS\ShellNew
2018-11-04 21:56 - 2018-09-28 14:43 - 000000000 ____D C:\Program Files (x86)\4dots Software
2018-11-04 17:39 - 2017-10-19 05:05 - 000000000 ____D C:\Users\owner\AppData\Local\Packages
2018-11-03 21:46 - 2016-06-08 20:24 - 000000000 ____D C:\Users\owner\AppData\Roaming\Rainmeter
2018-11-03 19:02 - 2018-10-03 04:59 - 000002816 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-gokpok@hotmail.com
2018-11-03 18:31 - 2017-06-13 22:13 - 000000000 ____D C:\Users\Public\Documents\Adobe
2018-11-03 18:31 - 2016-06-12 10:20 - 000000000 ____D C:\Program Files\Adobe
2018-11-03 18:31 - 2016-06-08 19:22 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe
2018-11-03 18:31 - 2016-03-10 09:25 - 000000000 ____D C:\Users\owner\AppData\Roaming\Adobe
2018-11-03 17:25 - 2017-03-01 08:49 - 000000000 ____D C:\Corbeille
2018-11-03 17:21 - 2016-06-08 19:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image
2018-11-03 17:18 - 2016-06-08 19:21 - 000000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multimédia
2018-11-03 17:17 - 2018-01-17 12:11 - 000000000 ____D C:\Program Files\XnConvert
2018-11-03 13:38 - 2016-06-12 10:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-11-03 13:14 - 2018-04-23 18:35 - 000000000 ____D C:\Program Files (x86)\Door Control
2018-11-03 12:55 - 2018-03-31 10:58 - 000000000 ____D C:\Program Files (x86)\Privazer
2018-11-03 12:54 - 2018-07-11 03:14 - 000000000 ____D C:\Program Files (x86)\FontViewOK
2018-11-03 12:47 - 2016-06-12 09:51 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-11-03 12:37 - 2014-12-10 18:06 - 000000000 ____D C:\ProgramData\Adobe
2018-11-03 11:31 - 2016-06-08 19:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection
2018-11-03 11:30 - 2016-06-08 19:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom
2018-11-03 11:23 - 2018-06-25 11:44 - 000000000 ____D C:\Program Files (x86)\Wise Disk Cleaner
2018-11-03 11:20 - 2017-08-15 13:55 - 000000000 ____D C:\Program Files\Macrium
2018-11-03 11:20 - 2017-03-12 20:22 - 000073392 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrcbt.sys
2018-11-03 11:15 - 2016-06-14 19:54 - 000000000 ____D C:\Users\owner\AppData\Roaming\ZHP
2018-11-03 10:46 - 2018-04-11 20:55 - 000000081 _____ C:\Users\owner\AppData\Local\FILM_AE_LogFile.txt
2018-11-03 10:44 - 2018-04-11 20:55 - 000000738 _____ C:\Users\owner\Documents\CIV_LogFile.txt
2018-11-03 10:38 - 2017-03-03 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2018-11-03 08:11 - 2018-07-18 10:15 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel Pro
2018-11-01 17:03 - 2018-10-03 04:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2018-11-01 17:00 - 2018-03-16 10:09 - 000000000 ____D C:\Users\owner\AppData\Roaming\NCH Software
2018-11-01 17:00 - 2018-03-16 10:09 - 000000000 ____D C:\ProgramData\NCH Software
2018-11-01 17:00 - 2018-03-16 10:09 - 000000000 ____D C:\Program Files (x86)\NCH Software
2018-11-01 16:00 - 2017-12-08 02:01 - 000000000 ____D C:\Users\owner\AppData\Local\NordVPN
2018-11-01 16:00 - 2017-12-08 02:00 - 000000000 ____D C:\Users\owner\AppData\Roaming\NordVPN
2018-11-01 15:52 - 2018-08-11 01:27 - 000000000 ____D C:\Users\owner\AppData\Local\cache
2018-11-01 15:30 - 2016-06-17 20:16 - 000000000 ____D C:\Program Files (x86)\SRMX
2018-11-01 15:18 - 2016-06-08 19:21 - 000000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet
2018-11-01 13:40 - 2016-06-12 12:43 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Office 2019
2018-11-01 12:39 - 2017-03-10 17:56 - 000000000 ____D C:\Users\owner\Documents\Programmes Windows 10
2018-10-31 23:04 - 2018-04-15 11:43 - 003173248 _____ C:\Users\owner\ZHPDiag3.exe
2018-10-31 22:06 - 2018-08-19 01:21 - 000000000 ____D C:\Program Files (x86)\sumo
2018-10-31 20:51 - 2017-11-21 13:18 - 000000000 ____D C:\Program Files\waterfox
2018-10-31 18:08 - 2018-10-03 04:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2018-10-31 18:00 - 2018-03-19 16:54 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2018-10-31 18:00 - 2017-07-28 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-10-31 17:59 - 2018-08-03 12:54 - 000000000 ____D C:\SDI
2018-10-31 14:23 - 2016-06-12 09:46 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-10-31 13:12 - 2018-09-20 05:46 - 000000000 ____D C:\Users\owner\AppData\Roaming\MPC-HC
2018-10-31 12:26 - 2017-03-12 20:22 - 000072304 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrcbt.sys_
2018-10-31 12:12 - 2017-03-12 10:42 - 000088944 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\mrcbtes.dll
2018-10-31 09:24 - 2016-06-06 18:07 - 000000000 ____D C:\Users\owner\AppData\Local\Downloaded Installations
2018-10-31 09:23 - 2016-06-12 18:51 - 000000000 ____D C:\ProgramData\DxO Labs
2018-10-31 09:21 - 2018-02-14 14:34 - 000000000 ____D C:\ProgramData\DxO
2018-10-30 22:47 - 2018-09-16 06:35 - 000000000 ____D C:\Program Files\Sysinternals Tools
2018-10-30 22:45 - 2018-08-07 03:58 - 000000000 ____D C:\Program Files (x86)\Ccleaner
2018-10-26 12:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-26 12:37 - 2018-08-21 05:21 - 000000000 ____D C:\WINDOWS\SysWOW64\PolicyDefinitions
2018-10-26 12:32 - 2018-08-12 03:38 - 000000000 ____D C:\Users\owner\AppData\Local\Package Cache
2018-10-26 12:25 - 2016-10-23 07:59 - 000000000 ____D C:\Program Files\Registry Finder
2018-10-26 06:29 - 2016-06-06 19:32 - 000000000 ____D C:\ProgramData\IOffSvc
2018-10-25 06:16 - 2018-05-10 21:51 - 000000000 ____D C:\Program Files\Opera
2018-10-24 14:04 - 2018-08-05 10:15 - 000000000 ____D C:\WinaeroTweaker
2018-10-23 13:25 - 2018-07-12 07:22 - 000107896 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-10-23 13:25 - 2018-04-30 19:34 - 000188832 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-10-23 13:25 - 2018-04-30 19:34 - 000143448 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-10-23 13:25 - 2018-04-30 19:34 - 000109864 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-10-23 13:17 - 2018-07-12 03:21 - 000000000 ____D C:\4K Video Downloader
2018-10-23 08:28 - 2018-02-26 10:36 - 000000000 ____D C:\Program Files\ExamDiff Pro
2018-10-23 08:28 - 2017-11-09 16:22 - 000000000 ____D C:\Users\owner\AppData\Local\PlaceholderTileLogoFolder
2018-10-23 08:25 - 2018-10-03 04:59 - 000003150 _____ C:\WINDOWS\System32\Tasks\WindowManager
2018-10-23 08:25 - 2018-07-23 12:35 - 000000000 ____D C:\Program Files (x86)\WindowManager
2018-10-23 08:00 - 2018-10-03 04:59 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-22 04:46 - 2018-04-01 13:29 - 000000000 ____D C:\Users\owner\.zenmap
2018-10-22 02:53 - 2018-10-03 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-10-22 02:53 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-22 02:52 - 2018-10-03 04:19 - 000000000 ___SD C:\WINDOWS\system32\lxss
2018-10-22 02:52 - 2018-09-15 17:56 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-22 02:52 - 2018-09-15 17:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2018-10-22 02:52 - 2018-09-15 17:56 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\dsc
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\com
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\IME
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Windows Defender
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\system
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-22 02:52 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-10-22 02:52 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-10-22 02:52 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2018-10-22 02:45 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Globalization
2018-10-21 13:36 - 2018-10-03 04:59 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1525985527
2018-10-21 03:06 - 2015-04-11 01:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-21 00:55 - 2017-06-18 19:34 - 000000000 ____D C:\AdwCleaner
2018-10-20 05:30 - 2018-04-10 15:11 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2018-10-20 04:53 - 2017-12-20 14:09 - 000000144 _____ C:\WINDOWS\wisefs.dat
2018-10-20 02:39 - 2016-06-12 10:22 - 000000000 ____D C:\Users\owner\Documents\Adobe
2018-10-20 02:26 - 2018-10-03 04:59 - 000003270 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller
2018-10-20 00:55 - 2016-10-28 10:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-10-20 00:47 - 2018-09-14 03:11 - 000000000 ____D C:\Users\owner\AppData\Roaming\FontBase
2018-10-19 13:57 - 2017-02-18 19:37 - 000007608 _____ C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2018-10-19 05:20 - 2018-04-30 19:30 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2018-10-19 05:20 - 2018-04-30 19:30 - 000000000 ____D C:\WINDOWS\system32\fr
2018-10-19 03:35 - 2018-04-30 19:31 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat
2018-10-19 03:35 - 2018-04-30 19:31 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat
2018-10-19 03:25 - 2017-03-11 14:37 - 000000000 ____D C:\ProgramData\ProductData
2018-10-19 03:25 - 2017-03-11 14:34 - 000000000 ____D C:\Users\owner\AppData\Roaming\IObit
2018-10-19 03:25 - 2016-06-14 12:06 - 000000000 ____D C:\ProgramData\IObit
2018-10-19 03:24 - 2018-08-28 07:59 - 000000000 ____D C:\IObit Uninstaller
2018-10-18 03:36 - 2017-02-27 19:28 - 000000000 ____D C:\Users\owner\AppData\Local\Greenshot
2018-10-18 03:35 - 2018-10-03 04:59 - 000003214 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2018-10-18 02:24 - 2018-06-25 20:08 - 000000000 ____D C:\Program Files (x86)\wifiinfoview
2018-10-18 02:21 - 2018-08-22 07:20 - 000000000 ____D C:\WiseCare365
2018-10-18 02:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-10-18 02:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-18 02:04 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-10-17 18:06 - 2018-08-21 05:28 - 006410288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-10-17 18:06 - 2018-08-21 05:28 - 000023768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-10-16 04:39 - 2018-10-03 04:04 - 000000000 ___DC C:\WINDOWS\Panther
2018-10-16 04:39 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-10-16 03:46 - 2018-08-21 05:27 - 000928496 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2018-10-16 03:43 - 2015-04-11 00:53 - 000000000 ____D C:\ProgramData\Intel
2018-10-16 03:41 - 2017-07-28 15:30 - 000000000 ____D C:\Program Files\Intel
2018-10-16 03:39 - 2018-09-14 12:29 - 000000000 ____D C:\Program Files\System information Viewer
2018-10-16 03:33 - 2018-08-19 13:17 - 000000000 ____D C:\Program Files (x86)\EZ CDAudio Converter
2018-10-15 13:20 - 2018-10-03 09:23 - 000000000 ____D C:\Users\owner\AppData\Local\MSfree Inc
2018-10-14 04:38 - 2017-12-14 12:44 - 000189584 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys
2018-10-13 03:26 - 2016-06-14 12:06 - 000000000 ____D C:\Program Files (x86)\IObit
2018-10-12 05:22 - 2018-05-04 11:39 - 000000000 ____D C:\Program Files\Text Editor Pro
2018-10-12 04:57 - 2016-06-06 15:27 - 000000524 __RSH C:\ProgramData\ntuser.pol
2018-10-11 04:22 - 2016-06-18 20:31 - 000000000 ____D C:\Program Files\Win10 Spy Disabler
2018-10-11 03:17 - 2016-10-27 11:11 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2018-10-11 03:17 - 2016-10-27 11:11 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2018-10-11 02:42 - 2016-12-11 11:17 - 000000000 ____D C:\Program Files\Common Files\logishrd
2018-10-10 17:21 - 2016-10-17 08:28 - 000000000 ____D C:\Users\owner\AppData\Roaming\Eusing
2018-10-10 01:45 - 2016-10-23 07:59 - 000000000 ____D C:\Users\owner\AppData\Roaming\RegistryFinder
2018-10-10 01:18 - 2017-10-19 06:09 - 000000000 ___RD C:\Users\owner\3D Objects
2018-10-10 01:18 - 2016-02-13 14:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-10 01:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-10 01:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-09 03:00 - 2016-06-10 16:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\CyberLink
2018-10-09 03:00 - 2016-06-10 16:47 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2018-10-09 02:59 - 2018-02-25 16:26 - 000000000 ___HD C:\ProgramData\CyberLink
2018-10-09 02:59 - 2018-02-25 14:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.18
2018-10-09 02:59 - 2018-02-25 14:10 - 000000000 ____D C:\ProgramData\CLSK
2018-10-09 02:59 - 2016-06-10 16:48 - 000000000 ____D C:\Users\owner\AppData\Local\CyberLink
2018-10-09 02:59 - 2016-06-10 16:48 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2018-10-09 02:59 - 2016-06-10 16:47 - 000000000 ____D C:\ProgramData\install_clap
2018-10-09 02:59 - 2014-12-10 18:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-08 13:08 - 2018-06-27 09:43 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories =======
2017-12-01 06:07 - 2018-08-21 04:20 - 003270016 _____ () C:\Users\owner\ZHPCleaner.exe
2018-04-15 11:43 - 2018-10-31 23:04 - 003173248 _____ () C:\Users\owner\ZHPDiag3.exe
2018-01-29 12:52 - 2018-08-18 05:02 - 001559936 _____ () C:\Users\owner\ZHPLite.exe
2018-07-11 03:08 - 2018-07-04 22:55 - 016629504 _____ (Tracker Software Products (Canada) Ltd.) C:\Program Files\PDF X-change viewer.exe
2018-03-10 18:39 - 2018-06-27 07:12 - 000055296 _____ (WinTools) C:\Program Files (x86)\Change size.exe
2018-04-12 09:22 - 2018-04-12 08:40 - 000153088 _____ () C:\Program Files (x86)\Chrono.exe
2018-07-15 01:25 - 2018-07-14 02:13 - 000073216 _____ (WinTools) C:\Program Files (x86)\colorclassic.exe
2016-09-26 18:40 - 2016-09-26 18:40 - 000001981 _____ () C:\Program Files (x86)\FirstBackup.spg
2018-04-30 19:15 - 2018-04-30 07:18 - 004787712 _____ (Nebojsa Vucinic Trebinje) C:\Program Files (x86)\Hosts File Editor.exe
2017-02-16 09:34 - 2017-02-14 06:27 - 000211968 _____ (Kazuyuki Nakayama) C:\Program Files (x86)\HotSwap!.EXE
2018-08-07 04:09 - 2017-12-25 16:34 - 001008640 _____ (Wenovo.com) C:\Program Files (x86)\Pictures to color.exe
2017-12-20 14:23 - 2018-02-12 11:57 - 002162824 _____ (Sysinternals - www.sysinternals.com) C:\Program Files (x86)\Procmon.exe
2017-12-28 09:08 - 2017-03-21 14:55 - 000058880 _____ (TheWindowsClub) C:\Program Files (x86)\ScreenOff 2.1.exe
2016-09-26 18:37 - 2018-07-31 12:14 - 000684032 _____ (Speed Guide Inc.) C:\Program Files (x86)\TCPOptimizer.exe
2017-12-10 15:35 - 2018-08-29 02:59 - 000086016 _____ (blackholeearth) C:\Program Files (x86)\Windows 10 Brightness Slider.exe
2018-10-26 06:08 - 2018-10-26 06:08 - 000000171 _____ () C:\Users\owner\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2018-10-26 06:08 - 2018-10-26 06:08 - 000001057 _____ () C:\Users\owner\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2017-01-21 12:43 - 2018-04-06 18:43 - 000000033 _____ () C:\Users\owner\AppData\Roaming\AdobeWLCMCache.dat
2018-03-23 22:46 - 2018-03-23 22:46 - 000000212 _____ () C:\Users\owner\AppData\Roaming\ex_log.txt
2018-03-23 22:46 - 2018-03-23 22:46 - 000001884 _____ () C:\Users\owner\AppData\Roaming\thebat64_Exceptions.log
2017-03-23 21:48 - 2017-03-23 21:48 - 000003584 _____ () C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-11 20:55 - 2018-11-03 10:46 - 000000081 _____ () C:\Users\owner\AppData\Local\FILM_AE_LogFile.txt
2018-10-07 03:07 - 2018-10-07 03:07 - 000000000 _____ () C:\Users\owner\AppData\Local\oobelibMkey.log
2018-04-01 13:31 - 2018-04-01 13:31 - 000000218 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
2017-02-18 19:37 - 2018-10-19 13:57 - 000007608 _____ () C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2018-04-01 13:29 - 2018-04-01 13:29 - 000000000 _____ () C:\Users\owner\AppData\Local\zenmap.exe.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================
Ran by owner (administrator) on PC (07-11-2018 11:27:35)
Running from C:\Users\owner\Desktop
Loaded Profiles: owner (Available Profiles: owner)
Platform: Windows 10 Pro Version 1809 17763.104 (X64) Language: Japonais (Japon)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\InternetOff\IOffSvc.exe
(Crystal Rich Ltd) C:\Zentimo\ZentimoService.exe
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Prey, Inc.) C:\Windows\Prey\wpxsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
() C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe
(ArcticLine Software) C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
() C:\Windows\SysWOW64\NMSAccess64.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\SMITSC.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Toshiba Client Solutions Co., Ltd.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\RMService.exe
(BiniSoft.org) C:\Program Files\Windows Firewall Control\wfcs.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe
(Node.js) C:\Windows\Prey\versions\1.8.1\bin\node.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Moo0) C:\Program Files (x86)\Moo0\TransparentMenu 1.20\TransparentMenu.exe
(ALCPU) C:\Program Files\CoreTemp64\Core Temp.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel Pro\HDSentinel.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Open-Shell) C:\Program Files\Open-Shell\StartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Fork, Ltd.) C:\Windows\Prey\versions\1.8.1\node_modules\triggers\bin\lightevt.exe
(Moo0) C:\Program Files (x86)\Moo0\TransparentMenu 1.20\TransparentMenu64.exe
() C:\Program Files (x86)\BetterDesktopTool\BetterDesktopTool.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
() C:\Program Files (x86)\BetterDesktopTool\BetterDesktopToolServer.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe
(Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(BiniSoft.org) C:\Program Files\Windows Firewall Control\wfc.exe
() C:\Program Files (x86)\Stick it 1.00.0b\Stick-It!.exe
(SoftPerfect) C:\NetWorx\networx.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
() C:\Program Files (x86)\InternetOff\InternetOff.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(My Portable Software) C:\My CPU Monitor\My CPU Monitor.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
() C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe
() C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe
() C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe
(SFX TEAM) C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
(ITSamples.com) C:\Program Files (x86)\Disk activity indicator\DiskActivity.exe
() C:\Users\owner\AppData\Roaming\Textify\Textify.exe
(Simnet Ltd. ) C:\Program Files (x86)\Simple Sticky Notes\ssn.exe
(Crystal Rich Ltd) C:\Zentimo\Zentimo.exe
(Alexandr Irza) C:\Program Files (x86)\Volume2\Volume2.exe
(Digola) C:\Program Files (x86)\Door Control\doorcontrol.exe
(NirSoft) C:\Program Files\volumouse-x64\volumouse.exe
() C:\Program Files\volumouse-x64\volumouse32.exe
(Nenad Hrg SoftwareOK) C:\Program Files\DesktopOK\DesktopOK_x64.exe
(South Bay Software) C:\Program Files (x86)\AutoSizer\AutoSizer.exe
(Guillaume Ryder (hxxp://utilfr42.free.fr)) C:\Users\owner\AppData\Local\Clavier+\Clavier.exe
(RaMMicHaeL) C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(Actual Tools) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter.exe
(Actual Tools) C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter64.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Henry++) C:\Program Files\Mem Reduct\memreduct.exe
(blackholeearth) C:\Program Files (x86)\Windows 10 Brightness Slider.exe
(Care Your Eyes) C:\CareUEyes\App\ProgramFiles\careueyes.exe
(File-New-Project) C:\Program Files\WindowsApps\40459File-New-Project.EarTrumpet_2.0.7.0_x86__1sdd7yawvg6ne\EarTrumpet\EarTrumpet.exe
(Carthago Software) C:\Program Files (x86)\MemInfo\meminfo.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
() C:\Program Files (x86)\Gest\Gest.exe
(www.sordum.org) C:\Program Files (x86)\KeyFreeze\KeyFreeze_x64.exe
() C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe
(Core Technologies Consulting, LLC) C:\Program Files (x86)\ServiceCommander\ServiceCommander.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\wizmouse 1.7.0.3 portable\WizMouse.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [413664 2017-05-22] (Alps Electric Co., Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-02-03] (Intel Corporation)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot)
HKLM\...\Run: [TCrdMain] => C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe [530240 2016-07-11] (Toshiba Client Solutions Co., Ltd.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [187184 2016-07-18] (Toshiba Client Solutions Co., Ltd.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-10-23] (ESET)
HKLM\...\Run: [Windows Firewall Control] => C:\Program Files\Windows Firewall Control\wfc.exe [639192 2018-08-05] (BiniSoft.org)
HKLM\...\Run: [StartupDelayer] => C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [1254400 2015-12-18] (r2 Studios)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell)
HKLM\...\Run: [OODefragTray] => C:\Program Files\O&O Defrag Professional\App\Defrag64\oodtray.exe [5126944 2018-09-18] (O&O Software GmbH)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [NetWorx] => C:\NetWorx\networx.exe [12803624 2018-10-08] (SoftPerfect)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2179720 2018-09-22] (Logitech, Inc.)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [5854280 2018-10-30] (Paramount Software UK Ltd)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-09-20] (Adobe Systems Inc.)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [125872 2018-09-18] (VMware, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PowerDVD18Agent] => C:\Program Files (x86)\CyberLink\PowerDVD18\PowerDVD18Agent.exe [528840 2018-10-02] (CyberLink Corp.)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [InternetOff] => C:\Program Files (x86)\InternetOff\InternetOff.exe [3182360 2016-05-25] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [My CPU Monitor] => C:\My CPU Monitor\My CPU Monitor.exe [280064 2015-10-20] (My Portable Software)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Winsplit] => C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe [3951616 2011-04-12] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [SuperCopier2.exe] => C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [CS Dispatch] => C:\Users\owner\AppData\Roaming\OTi\EASYKMLink\FunctModules\{23863E42-6AAC-482c-81D2-BD6A23CCFEF8}\EASYKMLink.exe [576592 2012-10-30] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [DiskIndicator] => C:\Program Files (x86)\Disk activity indicator\DiskActivity.exe [131072 2014-12-19] (ITSamples.com)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Textify] => C:\Users\owner\AppData\Roaming\Textify\Textify.exe [263680 2017-10-05] ()
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Simple Sticky Notes] => C:\Program Files (x86)\Simple Sticky Notes\ssn.exe [1432000 2018-06-19] (Simnet Ltd. )
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Zentimo xStorage Manager] => C:\Zentimo\Zentimo.exe [7040608 2018-09-09] (Crystal Rich Ltd)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Volume2] => C:\Program Files (x86)\Volume2\Volume2.exe [4797952 2018-06-23] (Alexandr Irza)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Doorcontrol] => C:\Program Files (x86)\Door Control\doorcontrol.exe [799744 2018-10-13] (Digola)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [$Volumouse$] => C:\Program Files\volumouse-x64\volumouse.exe [94816 2014-10-03] (NirSoft)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [DesktopOK] => C:\Program Files\DesktopOK\DesktopOK_x64.exe [716672 2018-11-06] (Nenad Hrg SoftwareOK)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [AutoSizer] => C:\Program Files (x86)\AutoSizer\AutoSizer.exe [131072 2018-08-15] (South Bay Software)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Clavier+] => C:\Users\owner\AppData\Local\Clavier+\Clavier.exe [157184 2018-07-07] (Guillaume Ryder (hxxp://utilfr42.free.fr))
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\owner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [464896 2018-10-12] (RaMMicHaeL)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Actual Transparent Window] => C:\Program Files (x86)\Actual Transparent Window\ActualTransparentWindowCenter.exe [561408 2018-10-04] (Actual Tools)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Mem Reduct] => C:\Program Files\Mem Reduct\memreduct.exe [306176 2018-10-20] (Henry++)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [74752 2018-11-03] (Locktime Software)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [Win10_BrightnessSlider] => C:\Program Files (x86)\Windows 10 Brightness Slider.exe [86016 2018-08-29] (blackholeearth)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [CareUEyes] => C:\CareUEyes\App\ProgramFiles\CareUEyes.exe [929792 2018-11-21] (Care Your Eyes)
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Run: [KeepMouseSpeedOK] => C:\Users\owner\Desktop\KeepMouseSpeedOK_Portable\KMS_OK_p.exe [56200 2018-11-06] (Nenad Hrg (SoftwareOK.com))
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\...\Policies\Explorer: [NoLogoff] 1
IFEO\taskmgr.exe: [Debugger] C:\Program Files\Task Manager\tm.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gest.lnk [2016-06-09]
ShortcutTarget: Gest.lnk -> C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk [2016-06-05]
ShortcutTarget: MemInfo.lnk -> C:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PopChar.lnk [2018-08-01]
ShortcutTarget: PopChar.lnk -> C:\Program Files\Ergonis\PopChar\PopChar.exe (Ergonis Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-06-08]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2018-10-03] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gest.lnk [2016-06-09]
ShortcutTarget: Gest.lnk -> C:\Users\owner\AppData\Roaming\Gest\GestLauncher.exe ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KeyFreeze x64.lnk [2018-11-01]
ShortcutTarget: KeyFreeze x64.lnk -> C:\Program Files (x86)\KeyFreeze\KeyFreeze_x64.exe (www.sordum.org)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KillProcess.bat [2018-03-11] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MemInfo.lnk [2018-08-18]
ShortcutTarget: MemInfo.lnk -> C:\Program Files (x86)\MemInfo\meminfo.exe (Carthago Software)
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Service Commander - Start.bat [2017-02-24] ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShellFolderFix.lnk [2016-06-09]
ShortcutTarget: ShellFolderFix.lnk -> C:\Program Files\ShellFolderFix64\ShellFolderFixUI.exe ()
Startup: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WizMouse.exe.lnk [2016-10-05]
ShortcutTarget: WizMouse.exe.lnk -> C:\Program Files (x86)\wizmouse 1.7.0.3 portable\WizMouse.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CHR HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0310dcae-38e3-48ac-9821-3e0a71b82103}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{0f6a2937-2f18-449f-87e6-89ef9e7e9581}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{1e20e5ee-2e6c-493e-a1a7-84acdaa40ea4}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{885b802c-3706-4e61-bf85-4a25733b28a1}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{90d6cc6d-d1ab-4f93-bfdf-407c164e1fb6}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{a7648d2a-bbaf-47eb-a034-1e84ec773a1c}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{af18129c-d4fb-4056-b8c0-227532b5b5b9}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{cbd81dbf-9dce-42fc-92d1-ae8370325fb3}: [NameServer] 80.67.169.12,80.67.169.40,192.168.1.1
Tcpip\..\Interfaces\{cbd81dbf-9dce-42fc-92d1-ae8370325fb3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ec54fa79-9ced-4441-aa34-ab2ddf87a0c7}: [NameServer] 80.67.169.12,80.67.169.40
Tcpip\..\Interfaces\{ec54fa79-9ced-4441-aa34-ab2ddf87a0c7}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1112066077-4254746724-1257480092-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
BHO: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Program Files (x86)\OldNewExplorer\OldNewExplorer64.dll [2017-08-16] (www.startisback.com)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: No Name -> {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} -> C:\Program Files (x86)\OldNewExplorer\OldNewExplorer32.dll [2017-08-16] (www.startisback.com)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-06] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell)
Toolbar: HKU\S-1-5-21-1112066077-4254746724-1257480092-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-04] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]
FireFox:
========
FF DefaultProfile: zszg12lr.default
FF ProfilePath: C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default [2018-11-07]
FF Homepage: Waterfox\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml
FF NewTab: Waterfox\Profiles\zszg12lr.default -> moz-extension://fad938aa-df34-4cda-9f16-f707ee5c84f4/newTab.xhtml
FF NewTabOverride: Waterfox\Profiles\zszg12lr.default -> Enabled: newtabtools@darktrojan.net
FF Extension: (Disconnect) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\2.0@disconnect.me.xpi [2017-04-04]
FF Extension: (popup video) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\@popup-video.xpi [2018-07-18] [Legacy]
FF Extension: (About config button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\aboutconfigbutton@firefox.xpi [2017-06-19] [Legacy]
FF Extension: (Make Address Bar Font Size Bigger) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\addressBarFontSizeBigger@papafresh.com.xpi [2017-11-26] [Legacy]
FF Extension: (Roomy Bookmarks Toolbar) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ALone-live@ya.ru.xpi [2017-11-04] [Legacy]
FF Extension: (Add-ons Manager Context Menu) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\amcontextmenu@loucypher.xpi [2017-12-30] [Legacy]
FF Extension: (Better Image Viewer) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\betterimageviewer@darktrojan.net.xpi [2018-05-04]
FF Extension: (Biscuit) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\biscuit@nuko.org.xpi [2017-02-16] [Legacy]
FF Extension: (CanvasBlocker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\CanvasBlocker@kkapsner.de.xpi [2018-10-15]
FF Extension: (Classic Theme Restorer) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-07-18] [Legacy]
FF Extension: (Suppression automatique des témoins) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\CookieAutoDelete@kennydo.com.xpi [2018-05-14]
FF Extension: (Don't track me Google) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\dont-track-me-google@robwu.nl.xpi [2018-01-18]
FF Extension: (Download Panel Tweaker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\downloadPanelTweaker@infocatcher.xpi [2017-12-10] [Legacy]
FF Extension: (Drag To Scroll) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\dragtoscroll@deag1bcc-abec-daec-cdae-aeadedcabebacdad.xpi [2018-05-19]
FF Extension: (Easy Screenshot) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\easyscreenshot@mozillaonline.com.xpi [2018-02-15] [Legacy]
FF Extension: (Enhancer for YouTube™) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2018-11-03]
FF Extension: (Foxtana Pro - Redirect Cortana and Bing) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\extension@foxtana.com.xpi [2018-09-03]
FF Extension: (Tampermonkey) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\firefox@tampermonkey.net.xpi [2018-09-14]
FF Extension: (FireGestures) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\firegestures@xuldev.org.xpi [2017-06-11] [Legacy]
FF Extension: (Dictionnaire français) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2018-09-03] [Legacy]
FF Extension: (Emoji copier et coller) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\helper@emoji.org.xpi [2018-09-03]
FF Extension: (Hide Caption Titlebar Plus ⁴) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\hidecaptionplus-dp@dummy.addons.mozilla.org.xpi [2018-09-07] [Legacy]
FF Extension: (HTTPS partout) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\https-everywhere@eff.org.xpi [2018-11-03]
FF Extension: (Switchy) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\id@baku.switchy.xpi [2016-06-28] [Legacy]
FF Extension: (InstaClick) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\instaclick@leahscape.com.xpi [2017-11-12] [Legacy]
FF Extension: (Facebook™ Seen Blocker) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-AcfdPqSA2Ugt2vdJh6Kj7IiOp5W@jetpack.xpi [2017-06-26]
FF Extension: (Auto Shutdown NG) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2017-06-26] [Legacy]
FF Extension: (What about:..) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid0-IPSuVKD0J7yL1cIBwQAdoHTCWmY@jetpack.xpi [2017-06-19] [Legacy]
FF Extension: (fontdpi) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-4ZzxC2kiN3rzJA@jetpack.xpi [2016-06-29] [Legacy]
FF Extension: (FoxyAbout) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-d3SwJwS6q9JpMq@jetpack.xpi [2018-01-31] [Legacy]
FF Extension: (PDF Mage) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-GeRCnsiDhZiTvA@jetpack.xpi [2018-10-26]
FF Extension: (Swift Selection Search) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\jid1-KdTtiCj6wxVAFA@jetpack.xpi [2018-09-24]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\marcoagpinto@mail.telepac.pt [2018-10-26] [Legacy]
FF Extension: (Maximize Video) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\MaximizeVideo@ettoolong.xpi [2018-08-04]
FF Extension: (New Tab Tools) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\newtabtools@darktrojan.net.xpi [2018-05-04]
FF Extension: (Open Page in Private Window) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\open-page-in-private-window@cpeterso.com.xpi [2018-09-03]
FF Extension: (Playback speed) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\playbackSpeed@waldemar.b.xpi [2018-05-06]
FF Extension: (Private Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\privateTab@infocatcher.xpi [2018-05-17] [Legacy]
FF Extension: (Rename Tab Title) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\renametabtitle@mozilla.org.xpi [2018-07-17]
FF Extension: (Rikaichan Japanese-French Dictionary File) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\rikaichan-jpfr@polarcloud.com [2018-09-03] [Legacy]
FF Extension: (Semi-Full Screen) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\SemiFullScreen@Merci.chao.xpi [2017-11-23] [Legacy]
FF Extension: (Skip Redirect) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\skipredirect@sblask.xpi [2018-05-02]
FF Extension: (SSleuth) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\ssleuth@github.xpi [2017-02-16] [Legacy]
FF Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\uBlock0@raymondhill.net.xpi [2018-10-19]
FF Extension: (Undo Closed Tabs Button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\undoclosedtabsbutton@supernova00.biz.xpi [2017-02-26] [Legacy]
FF Extension: (Zoom Page) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\zoompage@DW-dev.xpi [2017-11-12] [Legacy]
FF Extension: (Disconnect for Facebook™) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{02bf35c3-6f86-4eb4-bea8-e70bc294a7dc}.xpi [2017-11-11]
FF Extension: (Rikaichan) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82}.xpi [2018-03-08] [Legacy]
FF Extension: (Tab Center Redux) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{0ad88674-2b41-4cfb-99e3-e206c74a0076}.xpi [2018-09-27]
FF Extension: (Flagfox) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2018-08-06] [Legacy] [not signed]
FF Extension: (Export Tabs URLs) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{17165bd9-9b71-4323-99a5-3d4ce49f3d75}.xpi [2018-07-13]
FF Extension: (Undo Close Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{4853d046-c5a3-436b-bc36-220fd935ee1d}.xpi [2018-06-10]
FF Extension: (StartupMaster) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{506d044e-41fa-4cc8-9dc6-9ff70e96eebf}.xpi [2018-03-19] [Legacy]
FF Extension: (SmoothWheel (mozdev.org)) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2016-06-28] [Legacy]
FF Extension: (Onglet revers pour Tree Style Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{724545b6-7e17-4fa2-96e0-71eddf3c3319}.xpi [2018-02-18]
FF Extension: (User-Agent Switcher) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{75afe46a-7a50-4c6b-b866-c43a1075b071}.xpi [2018-05-29]
FF Extension: (Stylus) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}.xpi [2018-11-04]
FF Extension: (Youtube Zen) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{7f5dbd00-a296-4696-aebb-06a992c1b4cf}.xpi [2018-09-29]
FF Extension: (Download Tab) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{a949831f-d9c0-45ae-8c60-91c2a86fbfb6}.xpi [2017-12-10] [Legacy]
FF Extension: (Permanent Progress Bar for YouTube) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{af838dcd-be8a-4237-8835-69fca92171d3}.xpi [2018-10-30]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2018-11-04]
FF Extension: (Change Referer Button) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}.xpi [2017-11-12] [Legacy]
FF Extension: (BetterPrivacy) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-10-31] [Legacy]
FF Extension: (Tab Mix Plus) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2018-09-03] [Legacy]
FF Extension: (SaveTabs) - C:\Users\owner\AppData\Roaming\Waterfox\Profiles\zszg12lr.default\Extensions\{f587d35c-943b-4323-8aee-cd8691df4db0}.xpi [2017-12-10]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\instaclick@leahscape.com.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\addressBarFontSizeBigger@papafresh.com.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{c71ff04d-f001-1fc1-1fc1-c71ff04df001}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{477c4c36-24eb-11da-94d4-00e08161165f}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\biscuit@nuko.org.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\undoclosedtabsbutton@supernova00.biz.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\ALone-live@ya.ru.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\addonsRecentUpdates@infocatcher.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\firegestures@xuldev.org.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\aboutconfigbutton@firefox.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\zoompage@DW-dev.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [not found]
FF Extension: (No Name) - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\3kg8bhol.New\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [not found]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-19]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-10] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-08-25] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-08-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.4\npGoogleUpdate3.dll [2016-08-21] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems)
StartMenuInternet: Firefox-6F940AC27A98DD61 - C:\Program Files\Waterfox\waterfox.exe
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (uBlock Origin) - C:\Users\owner\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-10-04]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.)
S4 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [115752 2017-05-22] (Alps Electric Co., Ltd.)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-09-15] (Microsoft Corporation)
R2 BWMeterConSvc; C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe [125440 2018-10-06] () [File not signed]
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9761440 2018-11-01] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
R2 CronService; C:\Windows\Prey\wpxsvc.exe [6886472 2018-07-27] (Prey, Inc.)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [23800 2018-10-18] (Intel)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-23] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302152 2018-10-23] (ESET)
R2 FileMarkerApplyIconService; C:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe [717576 2013-11-01] (ArcticLine Software)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-08-02] (Futuremark)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-02-03] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [532968 2018-07-10] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2018-04-17] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [743728 2017-11-07] (Intel(R) Corporation)
R2 Intel(R) PROSet Monitoring Service; C:\WINDOWS\system32\IProsetMonitor.exe [506368 2017-08-21] (Intel Corporation) [File not signed]
R2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [720184 2017-11-07] (Intel(R) Corporation)
R2 InternetOffService; C:\Program Files (x86)\InternetOff\IOffSvc.exe [1634072 2016-05-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-22] (Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [5659976 2018-10-30] (Paramount Software UK Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] ()
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [310272 2018-11-03] (Locktime Software)
R2 NMSAccess64; C:\WINDOWS\SysWOW64\NMSAccess64.exe [82872 2009-01-12] ()
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [437200 2018-10-16] ()
S4 OEMRegistrationProgram; C:\Program Files (x86)\Toshiba\OEM Registration Program\OEMRegistrationProgram.exe [16384 2012-12-17] (Toshiba Corporation) [File not signed]
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S4 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381624 2018-09-15] (Microsoft Corporation)
R2 SMITS; C:\Windows\SysWOW64\SMITSC.exe [13312 2014-02-27] () [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S4 TPCHKarteSVC; C:\Program Files (x86)\TOSHIBA\TKRTL\TPCHKarteSVC.exe [244144 2013-01-22] (Toshiba Corporation)
S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\ToshibaSystemService.exe [22114272 2018-05-29] (Toshiba Client Solutions Co., Ltd.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\TOSTABSYSSVC.exe [272872 2018-05-29] (Toshiba Client Solutions Co., Ltd.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\RMService.exe [443840 2018-05-29] (Toshiba Client Solutions Co., Ltd.)
R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [518120 2017-12-11] (VMware, Inc.)
R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [518120 2017-12-11] (VMware, Inc.)
R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [518120 2017-12-11] (VMware, Inc.)
S3 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15445936 2018-09-18] ()
S3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [437760 2018-09-15] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
R2 wfcs; C:\Program Files\Windows Firewall Control\wfcs.exe [121632 2018-08-05] (BiniSoft.org)
S4 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18736 2018-09-05] (Intel(R) Corporation)
R2 ZentimoService; C:\Zentimo\ZentimoService.exe [1789024 2018-09-08] (Crystal Rich Ltd)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ALSysIO; C:\Users\owner\AppData\Local\Temp\ALSysIO64.sys [46384 2018-11-07] (Arthur Liberman) <==== ATTENTION
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] ()
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976 2015-06-04] (Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] ()
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2017-02-28] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] ()
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr-x64.sys [84736 2017-12-11] (VMware, Inc.)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R2 CLFCL5.18; C:\WINDOWS\system32\DRIVERS\CLFCL5.18\000.fcl [46848 2018-10-02] (CyberLink Corp.)
S3 CompFilter64; C:\WINDOWS\System32\drivers\lvbflt64.sys [26784 2012-10-26] (Logicool Co., Ltd.)
S3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-10-23] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-10-23] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-10-23] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-10-23] (ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34368 2018-01-16] ()
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30280 2018-07-19] (Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] () [File not signed]
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-24] (REALiX(tm))
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136720 2018-05-15] (Intel Corporation)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-15] (IObit)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37104 2018-05-08] (Intel Corporation)
S3 IUProcessFilter; C:\IObit Uninstaller\App\ProgramFiles\drivers\win10_amd64\IUProcessFilter.sys [37184 2018-10-16] (IObit)
S3 IURegistryFilter; C:\IObit Uninstaller\App\ProgramFiles\drivers\win10_amd64\IURegistryFilter.sys [43392 2018-10-16] (IObit)
S3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [37912 2015-09-21] (Microsoft Corporation)
S3 lvrs64; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [351520 2012-10-26] (Logicool Co., Ltd.)
S3 LVUVC64; C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [4758176 2012-10-26] (Logicool Co., Ltd.)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
R0 mrcbt; C:\WINDOWS\System32\drivers\mrcbt.sys [73392 2018-11-03] (Windows (R) Win 7 DDK provider)
R0 mrigflt; C:\WINDOWS\System32\drivers\mrigflt.sys [61808 2018-11-03] (Windows (R) Win 7 DDK provider)
S3 MYFAULT; C:\WINDOWS\system32\drivers\myfault.sys [25392 2018-11-04] (Sysinternals)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3586696 2018-09-26] (Intel Corporation)
R1 networx; C:\WINDOWS\System32\drivers\networx.sys [114144 2018-09-23] (Windows (R) Win 7 DDK provider)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [175048 2018-10-29] (Locktime Software)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81688 2018-03-03] (Insecure.Com LLC.)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 RTSPER; C:\WINDOWS\System32\drivers\RtsPer.sys [928496 2018-10-16] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-07-18] ()
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [189584 2018-10-14] (Ray Hinchliffe)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
R3 stdriver; C:\WINDOWS\system32\DRIVERS\stdriverx64.sys [54664 2018-11-01] ()
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-06-13] (The OpenVPN Project)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [46456 2018-05-14] (Toshiba Client Solutions Co., Ltd.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_33799fcff12fb0e2\TosSrvCtlDrv.sys [26504 2018-05-29] (Toshiba Client Solutions Co., Ltd. )
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [108896 2017-09-12] (Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44904 2017-09-12] (Paragon Software GmbH)
R0 VMSNPXY; C:\WINDOWS\System32\drivers\VmsProxyHNic.sys [37920 2018-10-03] (Microsoft Corporation)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [92040 2018-06-21] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [52576 2018-02-27] (VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)
R2 WiseFs; C:\WINDOWS\WiseFs64.sys [66128 2017-12-20] (WiseCleaner.com)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2018-09-08] (wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [51272 2018-09-30] (WiseCleaner.com)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-07 11:27 - 2018-11-07 11:28 - 000055208 _____ C:\Users\owner\Desktop\FRST.txt
2018-11-07 11:26 - 2018-10-26 12:15 - 002414592 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe
2018-11-07 08:43 - 2018-11-07 08:43 - 000000000 ____D C:\Users\owner\Desktop\PreSonus.Studio.One.4.Professional.v4.1.1.Incl.Patched.and.Keygen-R2R
2018-11-07 08:40 - 2018-11-07 08:40 - 000000000 ____D C:\Users\owner\Desktop\sumo
2018-11-07 08:40 - 2018-11-07 08:40 - 000000000 ____D C:\Users\owner\Desktop\Mirillis.Action-rsload.net-
2018-11-07 08:39 - 2018-11-07 08:39 - 000005035 _____ C:\ProgramData\yubhinti.sju
2018-11-07 08:39 - 2018-11-07 08:39 - 000000000 ____D C:\Users\owner\AppData\Local\Movavi
2018-11-07 08:39 - 2018-11-07 08:39 - 000000000 ____D C:\Users\owner\AppData\Local\converter
2018-11-07 08:38 - 2018-11-07 08:40 - 000000000 ____D C:\Users\owner\Desktop\Movavi Video Converter 19.0.0 RePack (& Portable) by TryRooM
2018-11-07 08:38 - 2018-11-07 08:39 - 000000000 ____D C:\Users\owner\Desktop\MovaviVCPremiumPortable
2018-11-06 16:08 - 2018-11-06 16:08 - 000000000 ____D C:\Users\owner\Desktop\Mylène Farmer - Désobéissance
2018-11-06 14:17 - 2018-11-06 14:17 - 000000000 ____D C:\Users\owner\AppData\Local\Xavier_Foucrier
2018-11-06 13:35 - 2018-11-06 13:37 - 000000000 ____D C:\Users\owner\Desktop\KeepMouseSpeedOK_Portable
2018-11-06 09:14 - 2018-11-06 09:14 - 000327755 _____ C:\Users\owner\Desktop\Bon-de-Commande12.pdf
2018-11-06 08:19 - 2018-11-06 08:19 - 000000000 ____D C:\Users\owner\AppData\Roaming\Burnaware
2018-11-05 22:57 - 2018-11-06 07:57 - 000000000 ____D C:\Users\owner\AppData\Roaming\careueyes
2018-11-05 21:22 - 2018-11-05 21:22 - 000002898 _____ C:\WINDOWS\System32\Tasks\Core Temp Autostart owner
2018-11-05 13:50 - 2018-11-05 13:50 - 000000000 ____D C:\Program Files\Tablacus Explorer
2018-11-05 11:29 - 2018-11-05 13:39 - 000000000 ____D C:\Users\owner\Desktop\trayit_4_6_5_5
2018-11-05 08:20 - 2018-11-05 08:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF
2018-11-05 08:17 - 2018-11-05 08:17 - 000000000 ____D C:\Program Files\Locktime Software
2018-11-04 22:16 - 2018-11-04 22:16 - 000000000 ____D C:\Users\owner\AppData\Local\AutoIt v3
2018-11-04 22:15 - 2018-11-05 17:23 - 000000428 _____ C:\Users\owner\SciTE.session
2018-11-04 22:12 - 2018-11-04 22:12 - 000000000 ____D C:\Program Files (x86)\AutoIt3
2018-11-04 09:16 - 2018-11-04 09:16 - 000025392 _____ (Sysinternals) C:\WINDOWS\system32\Drivers\myfault.sys
2018-11-03 19:08 - 2018-11-05 16:59 - 000000000 ____D C:\Program Files (x86)\turned on times view
2018-11-03 17:23 - 2018-11-03 17:23 - 000000000 ____D C:\Program Files (x86)\Nirsoft tools
2018-11-03 17:16 - 2018-11-03 17:17 - 106469864 _____ C:\Users\owner\Desktop\Telecable.03.11.pdf
2018-11-03 13:57 - 2018-11-03 13:57 - 000000000 ____D C:\Program Files (x86)\Screen To Gif
2018-11-03 13:21 - 2018-11-03 13:21 - 000000000 ____D C:\Program Files\DVDFab
2018-11-03 12:48 - 2018-11-03 12:48 - 000000000 ____D C:\Users\owner\AppData\Roaming\26188
2018-11-03 12:13 - 2018-11-03 12:13 - 000000000 ____D C:\Program Files (x86)\Windows Repair Toolbox
2018-11-03 12:09 - 2018-09-16 05:46 - 000533878 _____ C:\Users\owner\Desktop\Vanilla Tokyo Taipei.pdf
2018-11-03 12:09 - 2018-08-06 02:23 - 121526403 _____ C:\Users\owner\Desktop\Velo.Magazine.565.pdf
2018-11-03 12:09 - 2018-07-07 00:25 - 119987918 _____ C:\Users\owner\Desktop\Velo564.pdf
2018-11-03 12:09 - 2018-04-05 22:02 - 031847248 _____ (Entropy6) C:\Users\owner\Desktop\XMetersSetup.exe
2018-11-03 12:08 - 2018-10-12 08:40 - 000002058 _____ C:\Users\owner\Desktop\pains bakery.txt
2018-11-03 12:08 - 2018-09-10 08:18 - 000242048 _____ (Nenad Hrg (SoftwareOK)) C:\Users\owner\Desktop\NewFileTime_x64.exe
2018-11-03 12:08 - 2017-12-08 10:17 - 000034000 _____ C:\Users\owner\Desktop\RunAsDate.exe
2018-11-03 12:07 - 2018-08-05 09:09 - 107242343 _____ C:\Users\owner\Desktop\Le.Cycle.498.pdf
2018-11-03 12:07 - 2018-06-27 09:32 - 117103827 _____ C:\Users\owner\Desktop\Le.Cycle.497.pdf
2018-11-03 12:06 - 2018-09-24 06:15 - 000000243 _____ C:\Users\owner\Desktop\docteur taipei.txt
2018-11-03 12:06 - 2018-09-14 13:02 - 000000098 _____ C:\Users\owner\Desktop\confirmation vol bidon.txt
2018-11-03 12:06 - 2017-12-17 19:00 - 140827315 _____ C:\Users\owner\Desktop\CycLe.Hs.15.pdf
2018-11-03 12:04 - 2018-08-15 02:45 - 106106439 _____ C:\Users\owner\Desktop\Chas-Img-381.pdf
2018-11-03 12:04 - 2018-02-13 21:23 - 107216317 _____ C:\Users\owner\Desktop\Capital.Dossier.Special.1.pdf
2018-11-03 11:53 - 2018-11-03 12:09 - 000000000 ____D C:\Users\owner\Desktop\whoisconnectedsniffer-x64
2018-11-03 11:53 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\rsload.net.KeyScrambler
2018-11-03 11:53 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\madVR
2018-11-03 11:53 - 2018-11-03 12:07 - 000000000 ____D C:\Users\owner\Desktop\LAVFilters-0.73.1-x64
2018-11-03 11:53 - 2018-11-03 12:06 - 000000000 ____D C:\Users\owner\Desktop\exeinfope
2018-11-03 11:53 - 2018-11-03 12:03 - 000000000 ____D C:\Users\owner\Desktop\貓空
2018-11-03 11:52 - 2018-11-04 10:22 - 000000000 ____D C:\Users\owner\Desktop\A ramener de France
2018-11-03 11:52 - 2018-11-03 17:16 - 000000000 ____D C:\Users\owner\Desktop\Jam
2018-11-03 11:52 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\Taobao
2018-11-03 11:52 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\PDF
2018-11-03 11:52 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\Lili
2018-11-03 11:52 - 2018-11-03 12:06 - 000000000 ____D C:\Users\owner\Desktop\Eric guibon
2018-11-03 11:52 - 2018-11-03 12:03 - 000000000 ____D C:\Users\owner\Desktop\22
2018-11-03 11:51 - 2018-11-03 12:04 - 000000000 ____D C:\Users\owner\Desktop\A classer
2018-11-03 11:50 - 2018-11-06 13:32 - 000000000 ____D C:\Users\owner\Desktop\Import
2018-11-03 11:50 - 2018-11-03 12:08 - 000000000 ____D C:\Users\owner\Desktop\Snoopy
2018-11-03 11:50 - 2018-11-03 12:06 - 000000000 ____D C:\Users\owner\Desktop\chinois
2018-11-03 11:50 - 2018-11-03 12:03 - 000000000 ____D C:\Users\owner\Desktop\22 yi
2018-11-03 11:25 - 2018-11-03 11:25 - 005539424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-03 08:13 - 2018-11-03 08:13 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-11-01 17:00 - 2018-11-01 17:00 - 000054664 _____ C:\WINDOWS\system32\Drivers\stdriverx64.sys
2018-11-01 16:57 - 2018-11-01 16:57 - 000000000 ____D C:\Users\owner\AppData\Roaming\Recordpad
2018-11-01 15:59 - 2018-11-01 16:00 - 000000000 ____D C:\Program Files (x86)\NordVPN
2018-11-01 14:54 - 2018-11-01 14:54 - 000000000 ____D C:\Users\owner\AppData\Local\Deployment
2018-11-01 14:53 - 2018-11-01 14:53 - 000000000 ____D C:\Program Files\Logitech
2018-11-01 12:10 - 2018-11-01 12:16 - 000000000 ____D C:\Users\owner\AppData\Roaming\PayWin
2018-11-01 12:06 - 2018-11-01 12:06 - 000000000 ____D C:\Program Files (x86)\Western Digital Corporation
2018-11-01 09:19 - 2018-11-01 09:19 - 000000000 ____D C:\Program Files (x86)\DnsJumper
2018-10-31 22:07 - 2018-11-03 11:15 - 000000000 ____D C:\WINDOWS\System32\Tasks\UAC pass
2018-10-31 20:25 - 2018-10-31 20:25 - 000000000 ____D C:\Users\owner\AppData\Roaming\Locktime
2018-10-31 20:25 - 2018-10-31 20:25 - 000000000 ____D C:\ProgramData\Locktime
2018-10-31 19:40 - 2018-11-01 13:58 - 000000000 ____D C:\Program Files (x86)\KeyFreeze
2018-10-31 18:00 - 2018-10-31 18:00 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-10-31 17:59 - 2018-10-17 21:07 - 003128672 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 001382104 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 001337504 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000873328 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000852000 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000604664 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000540984 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000447048 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000230568 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000218136 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000174808 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000158560 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2018-10-31 17:59 - 2018-10-17 21:07 - 000075408 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 003417880 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 003319480 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 002992288 _____ (Audyssey Labs) C:\WINDOWS\system32\AudysseyEfx.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001971448 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001788032 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001598472 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001516344 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 001353384 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000964888 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000751376 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000734872 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000715728 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000692224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000511744 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000453336 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000452816 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000448680 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000392936 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000343768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000333112 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000327328 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000327328 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000278344 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000261312 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000261272 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000260288 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000231784 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000220448 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000193040 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000157408 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000139816 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000116600 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000093968 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000090976 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000090232 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000088376 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2018-10-31 17:59 - 2018-10-17 21:06 - 000083688 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2018-10-31 17:59 - 2018-10-17 18:06 - 003677232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2018-10-31 17:59 - 2018-10-17 18:06 - 003159488 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2018-10-31 17:59 - 2018-10-17 18:06 - 000266624 _____ (TODO:
2018-10-31 17:59 - 2018-10-17 18:05 - 072520792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2018-10-31 17:59 - 2018-10-17 18:05 - 007178544 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 007101816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 002930224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 000122400 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 000118664 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2018-10-31 17:59 - 2018-10-17 18:05 - 000105384 _____ C:\WINDOWS\system32\audioLibVc.dll
2018-10-31 17:59 - 2018-10-17 17:41 - 023174577 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2018-10-31 17:59 - 2018-10-16 03:46 - 009899936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2018-10-31 17:47 - 2018-10-31 17:47 - 000000000 ____D C:\Users\owner\AppData\Roaming\Mirillis
2018-10-31 17:47 - 2018-10-31 17:47 - 000000000 ____D C:\Users\owner\AppData\Local\Mirillis
2018-10-31 17:47 - 2018-10-31 17:47 - 000000000 ____D C:\ProgramData\Mirillis
2018-10-31 17:44 - 2018-10-31 17:44 - 000000000 ____D C:\Program Files (x86)\Mirillis
2018-10-31 17:38 - 2018-10-10 20:23 - 002164080 _____ C:\WINDOWS\ampa.exe
2018-10-31 17:38 - 2017-02-28 23:20 - 000038320 _____ C:\WINDOWS\SysWOW64\ampa.sys
2018-10-31 17:38 - 2017-02-28 23:20 - 000038320 _____ C:\WINDOWS\system32\ampa.sys
2018-10-31 17:37 - 2018-10-31 17:39 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant Unlimited Edition 7.5
2018-10-31 12:26 - 2018-11-03 11:20 - 000061808 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrigflt.sys
2018-10-31 12:26 - 2018-10-31 12:26 - 000062008 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrigflt.sys_
2018-10-31 11:48 - 2018-10-31 11:48 - 000000000 ____D C:\Users\owner\AppData\Roaming\Lanmisoft
2018-10-31 11:48 - 2018-10-31 11:48 - 000000000 ____D C:\ProgramData\Lanmisoft
2018-10-31 11:42 - 2018-10-31 11:42 - 000000000 ____D C:\Users\owner\AppData\Local\VS Revo Group
2018-10-31 10:49 - 2018-10-31 10:54 - 000000000 ____D C:\Program Files\DXO
2018-10-31 10:25 - 2018-10-31 10:25 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2018-10-31 09:20 - 2018-10-31 09:20 - 000000000 ____D C:\XYplorer
2018-10-31 09:12 - 2018-10-31 09:12 - 000000000 ____D C:\Users\owner\Documents\DxO PhotoLab 2 logs
2018-10-31 09:05 - 2018-10-31 10:27 - 000000000 ____D C:\Program Files (x86)\UAC pass
2018-10-30 22:37 - 2018-10-30 22:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2018-10-29 13:50 - 2018-10-29 13:50 - 000175048 _____ (Locktime Software) C:\WINDOWS\system32\Drivers\nldrv.sys
2018-10-26 12:37 - 2018-10-26 12:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-10-26 12:30 - 2018-10-26 12:30 - 000000000 ____D C:\Users\owner\AppData\Roaming\Henry++
2018-10-26 12:29 - 2018-10-26 12:29 - 000000000 ____D C:\Program Files\Mem Reduct
2018-10-26 06:08 - 2018-10-26 06:08 - 000001057 _____ C:\Users\owner\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2018-10-26 06:08 - 2018-10-26 06:08 - 000000171 _____ C:\Users\owner\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2018-10-23 08:52 - 2018-10-23 08:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\Actual Tools
2018-10-23 08:52 - 2018-10-23 08:52 - 000000000 ____D C:\ProgramData\Actual Tools
2018-10-23 08:51 - 2018-10-23 08:52 - 000000000 ____D C:\Program Files (x86)\Actual Transparent Window
2018-10-23 08:27 - 2018-10-23 08:27 - 000000000 ____D C:\Program Files (x86)\Tor Browser
2018-10-23 08:05 - 2018-10-23 08:05 - 000000000 ____D C:\Users\owner\AppData\Local\SolidDocuments
2018-10-22 04:54 - 2018-10-22 04:54 - 000000000 ____D C:\Users\owner\AppData\Local\Edraw
2018-10-22 04:52 - 2018-10-22 04:54 - 000000000 ____D C:\Program Files (x86)\Edraw Max 9.3
2018-10-22 02:53 - 2018-11-07 11:25 - 000476514 _____ C:\WINDOWS\system32\prfh0404.dat
2018-10-22 02:53 - 2018-11-07 11:25 - 000154856 _____ C:\WINDOWS\system32\prfc0404.dat
2018-10-22 02:53 - 2018-10-22 02:53 - 000000000 ____D C:\WINDOWS\SysWOW64\zh-HANT
2018-10-22 02:53 - 2018-10-22 02:52 - 000119764 _____ C:\WINDOWS\system32\prfi0404.dat
2018-10-22 02:53 - 2018-10-22 02:52 - 000033402 _____ C:\WINDOWS\system32\prfd0404.dat
2018-10-22 02:52 - 2018-10-22 02:52 - 000000000 ____D C:\WINDOWS\system32\zh-HANT
2018-10-22 02:45 - 2018-09-14 11:11 - 002350080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0404.dll
2018-10-22 02:45 - 2018-09-14 11:05 - 009720320 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0404.dll
2018-10-22 02:45 - 2018-09-14 11:05 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0404.dll
2018-10-22 02:45 - 2018-09-14 11:00 - 000700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70404.dll
2018-10-22 02:45 - 2018-09-14 10:52 - 002256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0404.dll
2018-10-22 02:45 - 2018-09-14 10:42 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70404.dll
2018-10-22 02:45 - 2018-08-08 13:55 - 000001696 _____ C:\WINDOWS\system32\NOISE.CHT
2018-10-21 14:05 - 2018-11-05 17:36 - 000000000 ____D C:\Program Files (x86)\CrystalDiskMark
2018-10-21 14:05 - 2018-11-05 17:36 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2018-10-20 05:30 - 2018-10-20 05:30 - 000001024 ____H C:\SYSTAG.BIN
2018-10-20 01:09 - 2018-10-20 01:09 - 000000000 ____D C:\Program Files (x86)\Fonty
2018-10-20 00:55 - 2018-11-03 15:11 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-10-20 00:47 - 2018-10-20 00:47 - 000000000 ____D C:\Users\owner\AppData\Roaming\FontCreator
2018-10-18 03:54 - 2018-10-18 03:54 - 000000000 ____D C:\Program Files\YamicSoft
2018-10-18 03:35 - 2018-04-07 19:39 - 000045544 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\Drivers\TVALZ.SYS
2018-10-18 03:34 - 2018-10-17 21:06 - 003762152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2018-10-18 03:34 - 2018-10-17 21:06 - 000994552 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2018-10-18 03:33 - 2018-05-15 20:28 - 000401608 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 009696288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 007861248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 006545296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 006062592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 004588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 004245072 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 003730336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 002323888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001641592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 001391080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001050632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-18 02:15 - 2018-10-18 02:15 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000818640 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000604448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000582232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000402376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000298512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-18 02:15 - 2018-10-18 02:15 - 000262664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000175120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2018-10-18 02:15 - 2018-10-18 02:15 - 000157216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2018-10-17 07:26 - 2018-10-17 07:26 - 000000000 ____D C:\Users\owner\AppData\Roaming\DesktopDPO
2018-10-17 06:38 - 2018-10-17 06:38 - 000000000 ____D C:\ProgramData\Isolated Storage
2018-10-17 05:11 - 2018-10-17 05:11 - 000000000 ___SD C:\Users\owner\Documents\Mes sources de données
2018-10-16 03:38 - 2018-10-16 03:38 - 000000000 ____D C:\Users\owner\AppData\Roaming\ueli
2018-10-16 03:35 - 2018-10-16 03:35 - 000000000 ____D C:\Program Files\Notepad++
2018-10-14 02:35 - 2018-10-14 02:35 - 000000000 ____D C:\Program Files\Dr. Folder
2018-10-12 14:51 - 2018-10-12 14:51 - 000000000 ____D C:\Program Files\Wireshark
2018-10-12 05:15 - 2018-10-12 05:15 - 000000000 ____D C:\Program Files\Common Files\Native Instruments
2018-10-12 05:14 - 2018-10-14 04:10 - 000000000 ___RD C:\ProgramData\Arturia
2018-10-12 05:14 - 2018-10-14 04:10 - 000000000 ___RD C:\Program Files (x86)\Arturia
2018-10-12 05:14 - 2018-10-12 05:14 - 000000000 ____D C:\Program Files\Common Files\VST3
2018-10-11 03:53 - 2018-10-11 03:54 - 000000000 ____D C:\NetWorx
2018-10-11 03:53 - 2018-10-11 03:53 - 000000000 ____D C:\ProgramData\SoftPerfect
2018-10-11 03:53 - 2018-09-23 15:15 - 000114144 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\networx.sys
2018-10-11 03:27 - 2018-10-05 13:32 - 000000000 ____D C:\Program Files (x86)\BLACK WHITE projects 6
2018-10-10 16:59 - 2018-11-06 19:21 - 000003494 _____ C:\WINDOWS\System32\Tasks\WDU
2018-10-10 16:59 - 2018-11-06 19:21 - 000003268 _____ C:\WINDOWS\System32\Tasks\Wub_task
2018-10-10 01:13 - 2018-10-10 01:13 - 026805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 020809216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 003600896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003380736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 003378176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 002045952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 001106744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\lxcore.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wnv.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 01:13 - 2018-10-10 01:13 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 01:13 - 2018-10-10 01:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-09 04:06 - 2018-11-07 11:27 - 000000000 ____D C:\FRST
2018-10-09 02:59 - 2018-10-09 02:59 - 000000000 ____D C:\ProgramData\PDVD
2018-10-09 02:59 - 2018-10-09 02:59 - 000000000 ____D C:\ProgramData\install_backup
2018-10-09 02:59 - 2018-10-09 02:59 - 000000000 ____D C:\Program Files (x86)\CyberLink
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-07 11:25 - 2018-10-03 04:59 - 003876046 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-07 11:25 - 2018-09-15 17:54 - 000513410 _____ C:\WINDOWS\system32\perfh011.dat
2018-11-07 11:25 - 2018-09-15 17:54 - 000154512 _____ C:\WINDOWS\system32\perfc011.dat
2018-11-07 11:25 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-11-07 11:25 - 2018-04-30 19:31 - 001301562 _____ C:\WINDOWS\system32\perfh00C.dat
2018-11-07 11:25 - 2018-04-30 19:31 - 000292168 _____ C:\WINDOWS\system32\perfc00C.dat
2018-11-07 11:22 - 2018-08-11 01:15 - 000000000 ____D C:\Users\owner\AppData\Local\OpenShell
2018-11-07 11:20 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-07 11:20 - 2017-06-22 20:28 - 000000000 ____D C:\Users\owner\AppData\Roaming\Zentimo
2018-11-07 11:20 - 2016-06-06 20:22 - 000000000 ____D C:\My CPU Monitor
2018-11-07 11:19 - 2018-10-03 04:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-07 11:19 - 2018-07-27 03:11 - 000000000 ____D C:\WINDOWS\Prey
2018-11-07 11:19 - 2017-07-28 15:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-07 11:19 - 2016-03-10 09:25 - 000000000 __SHD C:\Users\owner\IntelGraphicsProfiles
2018-11-07 10:59 - 2016-06-13 12:22 - 000000000 ____D C:\Users\owner\AppData\Roaming\The Bat!
2018-11-07 10:58 - 2018-10-03 04:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\Open Hardware Monitor
2018-11-07 09:52 - 2018-10-03 04:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-07 08:29 - 2018-08-12 04:45 - 000001024 ____H C:\AMTAG.BIN
2018-11-06 23:00 - 2016-06-05 00:17 - 000000000 ____D C:\Users\owner\AppData\Roaming\vlc
2018-11-06 22:25 - 2016-06-08 19:20 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardware
2018-11-06 22:20 - 2018-03-19 20:43 - 000000000 ____D C:\Users\owner\AppData\Roaming\foobar2000
2018-11-06 21:06 - 2017-05-09 21:49 - 000000000 ____D C:\Program Files (x86)\Destroy Windows 10 Spying
2018-11-06 19:37 - 2018-08-18 03:18 - 000000000 ____D C:\Windows Update Minitools avec script Wrapper
2018-11-06 18:07 - 2018-08-15 03:58 - 000000000 ____D C:\Users\owner\AppData\Roaming\AutoSizer
2018-11-06 18:00 - 2018-09-15 07:09 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-11-06 17:42 - 2017-04-16 15:29 - 000000000 ____D C:\Users\owner\AppData\Roaming\chessx
2018-11-06 16:14 - 2018-04-11 16:24 - 000000000 ____D C:\Program Files (x86)\Right Click Enhancer
2018-11-06 14:08 - 2018-04-30 19:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\VMware
2018-11-06 14:08 - 2016-06-12 17:01 - 000000000 ____D C:\Users\owner\AppData\Local\VMware
2018-11-06 14:04 - 2016-06-12 16:56 - 000000000 ____D C:\ProgramData\VMware
2018-11-06 13:42 - 2016-06-12 09:51 - 000000000 ___RD C:\Users\owner\Creative Cloud Files
2018-11-06 13:42 - 2016-06-12 09:37 - 000000000 ____D C:\Users\owner\AppData\Local\Adobe
2018-11-06 13:36 - 2018-03-04 14:49 - 000000000 ____D C:\Program Files\usbdeview x64
2018-11-06 13:09 - 2017-04-17 18:47 - 000000000 ____D C:\Users\owner\AppData\Local\CrashDumps
2018-11-06 10:59 - 2018-05-01 15:07 - 000000000 ____D C:\Program Files\DesktopOK
2018-11-06 09:38 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-06 09:38 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-06 09:30 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-06 09:29 - 2016-06-12 12:17 - 000000000 ____D C:\Program Files\Microsoft Office
2018-11-05 22:53 - 2018-05-02 17:19 - 000000000 ____D C:\Program Files\Everything x64
2018-11-05 21:54 - 2016-06-08 19:24 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Musique
2018-11-05 21:22 - 2018-07-12 06:15 - 000000000 ____D C:\Program Files\CoreTemp64
2018-11-05 20:04 - 2017-03-25 22:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\audacity
2018-11-05 19:47 - 2018-03-19 20:43 - 000000000 ____D C:\Program Files (x86)\foobar2000
2018-11-05 13:28 - 2016-06-08 16:55 - 000000000 ____D C:\Icônes
2018-11-05 08:29 - 2018-10-04 06:33 - 000000000 ____D C:\Program Files\EqualizerAPO
2018-11-05 08:21 - 2016-06-08 19:20 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Système
2018-11-05 08:17 - 2017-05-26 11:55 - 000000000 ____D C:\Users\owner\AppData\Roaming\Locktime Software
2018-11-05 08:12 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-04 22:52 - 2018-03-17 12:22 - 000000000 ____D C:\Users\owner\AppData\Local\birdfont
2018-11-04 22:15 - 2018-10-03 04:21 - 000000000 ____D C:\Users\owner
2018-11-04 22:12 - 2016-02-13 14:00 - 000000000 ____D C:\WINDOWS\ShellNew
2018-11-04 21:56 - 2018-09-28 14:43 - 000000000 ____D C:\Program Files (x86)\4dots Software
2018-11-04 17:39 - 2017-10-19 05:05 - 000000000 ____D C:\Users\owner\AppData\Local\Packages
2018-11-03 21:46 - 2016-06-08 20:24 - 000000000 ____D C:\Users\owner\AppData\Roaming\Rainmeter
2018-11-03 19:02 - 2018-10-03 04:59 - 000002816 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-gokpok@hotmail.com
2018-11-03 18:31 - 2017-06-13 22:13 - 000000000 ____D C:\Users\Public\Documents\Adobe
2018-11-03 18:31 - 2016-06-12 10:20 - 000000000 ____D C:\Program Files\Adobe
2018-11-03 18:31 - 2016-06-08 19:22 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Adobe
2018-11-03 18:31 - 2016-03-10 09:25 - 000000000 ____D C:\Users\owner\AppData\Roaming\Adobe
2018-11-03 17:25 - 2017-03-01 08:49 - 000000000 ____D C:\Corbeille
2018-11-03 17:21 - 2016-06-08 19:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image
2018-11-03 17:18 - 2016-06-08 19:21 - 000000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multimédia
2018-11-03 17:17 - 2018-01-17 12:11 - 000000000 ____D C:\Program Files\XnConvert
2018-11-03 13:38 - 2016-06-12 10:20 - 000000000 ____D C:\Program Files\Common Files\Adobe
2018-11-03 13:14 - 2018-04-23 18:35 - 000000000 ____D C:\Program Files (x86)\Door Control
2018-11-03 12:55 - 2018-03-31 10:58 - 000000000 ____D C:\Program Files (x86)\Privazer
2018-11-03 12:54 - 2018-07-11 03:14 - 000000000 ____D C:\Program Files (x86)\FontViewOK
2018-11-03 12:47 - 2016-06-12 09:51 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-11-03 12:37 - 2014-12-10 18:06 - 000000000 ____D C:\ProgramData\Adobe
2018-11-03 11:31 - 2016-06-08 19:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection
2018-11-03 11:30 - 2016-06-08 19:21 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Custom
2018-11-03 11:23 - 2018-06-25 11:44 - 000000000 ____D C:\Program Files (x86)\Wise Disk Cleaner
2018-11-03 11:20 - 2017-08-15 13:55 - 000000000 ____D C:\Program Files\Macrium
2018-11-03 11:20 - 2017-03-12 20:22 - 000073392 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrcbt.sys
2018-11-03 11:15 - 2016-06-14 19:54 - 000000000 ____D C:\Users\owner\AppData\Roaming\ZHP
2018-11-03 10:46 - 2018-04-11 20:55 - 000000081 _____ C:\Users\owner\AppData\Local\FILM_AE_LogFile.txt
2018-11-03 10:44 - 2018-04-11 20:55 - 000000738 _____ C:\Users\owner\Documents\CIV_LogFile.txt
2018-11-03 10:38 - 2017-03-03 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2018-11-03 08:11 - 2018-07-18 10:15 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel Pro
2018-11-01 17:03 - 2018-10-03 04:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2018-11-01 17:00 - 2018-03-16 10:09 - 000000000 ____D C:\Users\owner\AppData\Roaming\NCH Software
2018-11-01 17:00 - 2018-03-16 10:09 - 000000000 ____D C:\ProgramData\NCH Software
2018-11-01 17:00 - 2018-03-16 10:09 - 000000000 ____D C:\Program Files (x86)\NCH Software
2018-11-01 16:00 - 2017-12-08 02:01 - 000000000 ____D C:\Users\owner\AppData\Local\NordVPN
2018-11-01 16:00 - 2017-12-08 02:00 - 000000000 ____D C:\Users\owner\AppData\Roaming\NordVPN
2018-11-01 15:52 - 2018-08-11 01:27 - 000000000 ____D C:\Users\owner\AppData\Local\cache
2018-11-01 15:30 - 2016-06-17 20:16 - 000000000 ____D C:\Program Files (x86)\SRMX
2018-11-01 15:18 - 2016-06-08 19:21 - 000000000 ___RD C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet
2018-11-01 13:40 - 2016-06-12 12:43 - 000000000 ____D C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Office 2019
2018-11-01 12:39 - 2017-03-10 17:56 - 000000000 ____D C:\Users\owner\Documents\Programmes Windows 10
2018-10-31 23:04 - 2018-04-15 11:43 - 003173248 _____ C:\Users\owner\ZHPDiag3.exe
2018-10-31 22:06 - 2018-08-19 01:21 - 000000000 ____D C:\Program Files (x86)\sumo
2018-10-31 20:51 - 2017-11-21 13:18 - 000000000 ____D C:\Program Files\waterfox
2018-10-31 18:08 - 2018-10-03 04:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2018-10-31 18:00 - 2018-03-19 16:54 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2018-10-31 18:00 - 2017-07-28 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-10-31 17:59 - 2018-08-03 12:54 - 000000000 ____D C:\SDI
2018-10-31 14:23 - 2016-06-12 09:46 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-10-31 13:12 - 2018-09-20 05:46 - 000000000 ____D C:\Users\owner\AppData\Roaming\MPC-HC
2018-10-31 12:26 - 2017-03-12 20:22 - 000072304 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\mrcbt.sys_
2018-10-31 12:12 - 2017-03-12 10:42 - 000088944 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\mrcbtes.dll
2018-10-31 09:24 - 2016-06-06 18:07 - 000000000 ____D C:\Users\owner\AppData\Local\Downloaded Installations
2018-10-31 09:23 - 2016-06-12 18:51 - 000000000 ____D C:\ProgramData\DxO Labs
2018-10-31 09:21 - 2018-02-14 14:34 - 000000000 ____D C:\ProgramData\DxO
2018-10-30 22:47 - 2018-09-16 06:35 - 000000000 ____D C:\Program Files\Sysinternals Tools
2018-10-30 22:45 - 2018-08-07 03:58 - 000000000 ____D C:\Program Files (x86)\Ccleaner
2018-10-26 12:37 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-26 12:37 - 2018-08-21 05:21 - 000000000 ____D C:\WINDOWS\SysWOW64\PolicyDefinitions
2018-10-26 12:32 - 2018-08-12 03:38 - 000000000 ____D C:\Users\owner\AppData\Local\Package Cache
2018-10-26 12:25 - 2016-10-23 07:59 - 000000000 ____D C:\Program Files\Registry Finder
2018-10-26 06:29 - 2016-06-06 19:32 - 000000000 ____D C:\ProgramData\IOffSvc
2018-10-25 06:16 - 2018-05-10 21:51 - 000000000 ____D C:\Program Files\Opera
2018-10-24 14:04 - 2018-08-05 10:15 - 000000000 ____D C:\WinaeroTweaker
2018-10-23 13:25 - 2018-07-12 07:22 - 000107896 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-10-23 13:25 - 2018-04-30 19:34 - 000188832 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-10-23 13:25 - 2018-04-30 19:34 - 000143448 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-10-23 13:25 - 2018-04-30 19:34 - 000109864 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-10-23 13:17 - 2018-07-12 03:21 - 000000000 ____D C:\4K Video Downloader
2018-10-23 08:28 - 2018-02-26 10:36 - 000000000 ____D C:\Program Files\ExamDiff Pro
2018-10-23 08:28 - 2017-11-09 16:22 - 000000000 ____D C:\Users\owner\AppData\Local\PlaceholderTileLogoFolder
2018-10-23 08:25 - 2018-10-03 04:59 - 000003150 _____ C:\WINDOWS\System32\Tasks\WindowManager
2018-10-23 08:25 - 2018-07-23 12:35 - 000000000 ____D C:\Program Files (x86)\WindowManager
2018-10-23 08:00 - 2018-10-03 04:59 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-22 04:46 - 2018-04-01 13:29 - 000000000 ____D C:\Users\owner\.zenmap
2018-10-22 02:53 - 2018-10-03 04:19 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-10-22 02:53 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-10-22 02:53 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-10-22 02:53 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-22 02:52 - 2018-10-03 04:19 - 000000000 ___SD C:\WINDOWS\system32\lxss
2018-10-22 02:52 - 2018-09-15 17:56 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-22 02:52 - 2018-09-15 17:56 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2018-10-22 02:52 - 2018-09-15 17:56 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-10-22 02:52 - 2018-09-15 17:54 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\dsc
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\com
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\IME
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Windows Defender
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\system
2018-10-22 02:52 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-22 02:52 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-10-22 02:52 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-10-22 02:52 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2018-10-22 02:45 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Globalization
2018-10-21 13:36 - 2018-10-03 04:59 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1525985527
2018-10-21 03:06 - 2015-04-11 01:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-21 00:55 - 2017-06-18 19:34 - 000000000 ____D C:\AdwCleaner
2018-10-20 05:30 - 2018-04-10 15:11 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2018-10-20 04:53 - 2017-12-20 14:09 - 000000144 _____ C:\WINDOWS\wisefs.dat
2018-10-20 02:39 - 2016-06-12 10:22 - 000000000 ____D C:\Users\owner\Documents\Adobe
2018-10-20 02:26 - 2018-10-03 04:59 - 000003270 _____ C:\WINDOWS\System32\Tasks\Adobe Uninstaller
2018-10-20 00:55 - 2016-10-28 10:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-10-20 00:47 - 2018-09-14 03:11 - 000000000 ____D C:\Users\owner\AppData\Roaming\FontBase
2018-10-19 13:57 - 2017-02-18 19:37 - 000007608 _____ C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2018-10-19 05:20 - 2018-04-30 19:30 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2018-10-19 05:20 - 2018-04-30 19:30 - 000000000 ____D C:\WINDOWS\system32\fr
2018-10-19 03:35 - 2018-04-30 19:31 - 000351124 _____ C:\WINDOWS\system32\perfi00C.dat
2018-10-19 03:35 - 2018-04-30 19:31 - 000040694 _____ C:\WINDOWS\system32\perfd00C.dat
2018-10-19 03:25 - 2017-03-11 14:37 - 000000000 ____D C:\ProgramData\ProductData
2018-10-19 03:25 - 2017-03-11 14:34 - 000000000 ____D C:\Users\owner\AppData\Roaming\IObit
2018-10-19 03:25 - 2016-06-14 12:06 - 000000000 ____D C:\ProgramData\IObit
2018-10-19 03:24 - 2018-08-28 07:59 - 000000000 ____D C:\IObit Uninstaller
2018-10-18 03:36 - 2017-02-27 19:28 - 000000000 ____D C:\Users\owner\AppData\Local\Greenshot
2018-10-18 03:35 - 2018-10-03 04:59 - 000003214 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2018-10-18 02:24 - 2018-06-25 20:08 - 000000000 ____D C:\Program Files (x86)\wifiinfoview
2018-10-18 02:21 - 2018-08-22 07:20 - 000000000 ____D C:\WiseCare365
2018-10-18 02:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-10-18 02:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-18 02:04 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-10-17 18:06 - 2018-08-21 05:28 - 006410288 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2018-10-17 18:06 - 2018-08-21 05:28 - 000023768 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2018-10-16 04:39 - 2018-10-03 04:04 - 000000000 ___DC C:\WINDOWS\Panther
2018-10-16 04:39 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-10-16 03:46 - 2018-08-21 05:27 - 000928496 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2018-10-16 03:43 - 2015-04-11 00:53 - 000000000 ____D C:\ProgramData\Intel
2018-10-16 03:41 - 2017-07-28 15:30 - 000000000 ____D C:\Program Files\Intel
2018-10-16 03:39 - 2018-09-14 12:29 - 000000000 ____D C:\Program Files\System information Viewer
2018-10-16 03:33 - 2018-08-19 13:17 - 000000000 ____D C:\Program Files (x86)\EZ CDAudio Converter
2018-10-15 13:20 - 2018-10-03 09:23 - 000000000 ____D C:\Users\owner\AppData\Local\MSfree Inc
2018-10-14 04:38 - 2017-12-14 12:44 - 000189584 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys
2018-10-13 03:26 - 2016-06-14 12:06 - 000000000 ____D C:\Program Files (x86)\IObit
2018-10-12 05:22 - 2018-05-04 11:39 - 000000000 ____D C:\Program Files\Text Editor Pro
2018-10-12 04:57 - 2016-06-06 15:27 - 000000524 __RSH C:\ProgramData\ntuser.pol
2018-10-11 04:22 - 2016-06-18 20:31 - 000000000 ____D C:\Program Files\Win10 Spy Disabler
2018-10-11 03:17 - 2016-10-27 11:11 - 000000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2018-10-11 03:17 - 2016-10-27 11:11 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2018-10-11 02:42 - 2016-12-11 11:17 - 000000000 ____D C:\Program Files\Common Files\logishrd
2018-10-10 17:21 - 2016-10-17 08:28 - 000000000 ____D C:\Users\owner\AppData\Roaming\Eusing
2018-10-10 01:45 - 2016-10-23 07:59 - 000000000 ____D C:\Users\owner\AppData\Roaming\RegistryFinder
2018-10-10 01:18 - 2017-10-19 06:09 - 000000000 ___RD C:\Users\owner\3D Objects
2018-10-10 01:18 - 2016-02-13 14:13 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-10 01:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-10-10 01:02 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-10-09 03:00 - 2016-06-10 16:52 - 000000000 ____D C:\Users\owner\AppData\Roaming\CyberLink
2018-10-09 03:00 - 2016-06-10 16:47 - 000000000 ____D C:\ProgramData\SUPPORTDIR
2018-10-09 02:59 - 2018-02-25 16:26 - 000000000 ___HD C:\ProgramData\CyberLink
2018-10-09 02:59 - 2018-02-25 14:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\CLFCL5.18
2018-10-09 02:59 - 2018-02-25 14:10 - 000000000 ____D C:\ProgramData\CLSK
2018-10-09 02:59 - 2016-06-10 16:48 - 000000000 ____D C:\Users\owner\AppData\Local\CyberLink
2018-10-09 02:59 - 2016-06-10 16:48 - 000000000 ____D C:\Program Files (x86)\NSIS Uninstall Information
2018-10-09 02:59 - 2016-06-10 16:47 - 000000000 ____D C:\ProgramData\install_clap
2018-10-09 02:59 - 2014-12-10 18:04 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-10-08 13:08 - 2018-06-27 09:43 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories =======
2017-12-01 06:07 - 2018-08-21 04:20 - 003270016 _____ () C:\Users\owner\ZHPCleaner.exe
2018-04-15 11:43 - 2018-10-31 23:04 - 003173248 _____ () C:\Users\owner\ZHPDiag3.exe
2018-01-29 12:52 - 2018-08-18 05:02 - 001559936 _____ () C:\Users\owner\ZHPLite.exe
2018-07-11 03:08 - 2018-07-04 22:55 - 016629504 _____ (Tracker Software Products (Canada) Ltd.) C:\Program Files\PDF X-change viewer.exe
2018-03-10 18:39 - 2018-06-27 07:12 - 000055296 _____ (WinTools) C:\Program Files (x86)\Change size.exe
2018-04-12 09:22 - 2018-04-12 08:40 - 000153088 _____ () C:\Program Files (x86)\Chrono.exe
2018-07-15 01:25 - 2018-07-14 02:13 - 000073216 _____ (WinTools) C:\Program Files (x86)\colorclassic.exe
2016-09-26 18:40 - 2016-09-26 18:40 - 000001981 _____ () C:\Program Files (x86)\FirstBackup.spg
2018-04-30 19:15 - 2018-04-30 07:18 - 004787712 _____ (Nebojsa Vucinic Trebinje) C:\Program Files (x86)\Hosts File Editor.exe
2017-02-16 09:34 - 2017-02-14 06:27 - 000211968 _____ (Kazuyuki Nakayama) C:\Program Files (x86)\HotSwap!.EXE
2018-08-07 04:09 - 2017-12-25 16:34 - 001008640 _____ (Wenovo.com) C:\Program Files (x86)\Pictures to color.exe
2017-12-20 14:23 - 2018-02-12 11:57 - 002162824 _____ (Sysinternals - www.sysinternals.com) C:\Program Files (x86)\Procmon.exe
2017-12-28 09:08 - 2017-03-21 14:55 - 000058880 _____ (TheWindowsClub) C:\Program Files (x86)\ScreenOff 2.1.exe
2016-09-26 18:37 - 2018-07-31 12:14 - 000684032 _____ (Speed Guide Inc.) C:\Program Files (x86)\TCPOptimizer.exe
2017-12-10 15:35 - 2018-08-29 02:59 - 000086016 _____ (blackholeearth) C:\Program Files (x86)\Windows 10 Brightness Slider.exe
2018-10-26 06:08 - 2018-10-26 06:08 - 000000171 _____ () C:\Users\owner\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2018-10-26 06:08 - 2018-10-26 06:08 - 000001057 _____ () C:\Users\owner\AppData\Roaming\88e9dc3a-641c-4dc2-9204-9ba65cc42265
2017-01-21 12:43 - 2018-04-06 18:43 - 000000033 _____ () C:\Users\owner\AppData\Roaming\AdobeWLCMCache.dat
2018-03-23 22:46 - 2018-03-23 22:46 - 000000212 _____ () C:\Users\owner\AppData\Roaming\ex_log.txt
2018-03-23 22:46 - 2018-03-23 22:46 - 000001884 _____ () C:\Users\owner\AppData\Roaming\thebat64_Exceptions.log
2017-03-23 21:48 - 2017-03-23 21:48 - 000003584 _____ () C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-11 20:55 - 2018-11-03 10:46 - 000000081 _____ () C:\Users\owner\AppData\Local\FILM_AE_LogFile.txt
2018-10-07 03:07 - 2018-10-07 03:07 - 000000000 _____ () C:\Users\owner\AppData\Local\oobelibMkey.log
2018-04-01 13:31 - 2018-04-01 13:31 - 000000218 _____ () C:\Users\owner\AppData\Local\recently-used.xbel
2017-02-18 19:37 - 2018-10-19 13:57 - 000007608 _____ () C:\Users\owner\AppData\Local\Resmon.ResmonCfg
2018-04-01 13:29 - 2018-04-01 13:29 - 000000000 _____ () C:\Users\owner\AppData\Local\zenmap.exe.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End of FRST.txt ============================